Channel-Only Partner Programme
Value-based pricing. Ready-made proposals. A tool built to generate MSP revenue — not compete with you for clients.
Prefer portfolio view first? This page includes an MSP Command Center preview below with representative data.
Link your client’s M365 or Google Workspace. Quick setup (typically minutes, varies by tenant scope).
Automated scanner analyses mailbox messages, files, and sharing permissions. Findings triaged by severity.
Auto-generated PDF with remediation steps, effort estimates, and public enforcement context (informational).
Present the proposal. Deliver the work. Bill monthly for ongoing monitoring.
Designed for MSPs who want proof in the room — fast links, branded evidence, and a clear audit trail.
From the MSP Command Center: pick a client → Mint access link (or equivalent) → paste into your PSA email. The client completes Microsoft or Google OAuth on our hosted page — typically under 5 clicks for them after they open your message.
You stay in your workflow; we never market to your end client.
Save your Brand Kit (logo, accent colour, company name, contact line) once, then export board-ready PDFs that carry your identity — ideal for QBRs and governance packs. From a completed scan: Export → Compliance report (PDF) is usually two clicks from the tenant Command Center.
CSV exports stay available for PSA tickets and evidence registers.
Every partner gets a free Internal Use Licence — scan your own Microsoft 365 or Google Workspace, see exactly what the tool finds, and decide if it’s worth selling before you commit a penny.
Below is a static preview using the same layout as the signed-in MSP Portfolio Command Center (portfolio strip, jump navigation including Brand Kit, risk watchlist, Brand Kit panel, and Client access header). Numbers are illustrative.
Start with client sign-ins (can we scan their mailbox?), then use the watchlist for risk. Open any client dashboard when you need detail.
Preview · illustrative figures
Selected client: none
1. Client sign-ins (teal) — Has this client signed in with Microsoft or Google so we can read their mailbox?
2. Client access links (indigo) — Invites you sent; waiting for them to click and sign in.
3. Clients & average score — How many tenants you monitor and typical posture.
4. Needs attention — Stale scans, big score drops, or lots of open high-severity items.
5. Priority index (£) — Internal ranking from open findings. Not a fine or legal advice.
6. Risk heatmap — How many clients sit in high / medium / low bands.
7. AI & overseas flags — Hints from message wording. Confirm in each client dashboard.
Client sign-ins
16
Step 1: can we scan this client’s Microsoft 365 or Google Workspace?
Client access links
3 pending
Step 2: invite links you sent (not the same as a completed sign-in).
Monitored clients
18
Tenants on your portfolio.
Avg score
74.0
Needs attention
2
Where to focus first.
Priority index (£)
£160,000
Priority index—not legal advice.
Risk heatmap
18 tracked
High
7
Medium
6
Low
5
Sorted by MSP priority tier.
AI wording flags
12
Review wording inside each tenant.
Overseas data flags
5
Review wording inside each tenant.
Deep evidence stays in each tenant—open their dashboard, switch to Operations, then Findings.
| Client | Priority | Posture score | Open crit / high | Work login | Exposure | Last scan | Action focus | Scan cadence | Actions |
|---|---|---|---|---|---|---|---|---|---|
| Contoso Legal Ltd | High | 62.0 | 2 / 1 | OK | £40,000 | 1d | Public links + mailbox PII | Weekly | Open · Copy link |
| Fabrikam Finance | Medium | 71.4 | 0 / 3 | OK | £24,000 | 4d | Shared folder scope | Bi-weekly | Open · Copy link |
Workplace sign-in: OK in our saved records (token on file). Press Refresh above if you just reconnected and want this row to update.
Controls what clients see on invites, welcome steps, and PDFs. Hit save before you send access links.
1. Enter company name (and optional website).
2. Add logo + accent colour → Save Brand Kit.
3. Download the PDF style preview if you want to check spacing before go-live.
4. Select a client and pull a branded report when QA is finished.
Logo: transparent PNG or clean JPEG, under 2 MB. Colours picked here drive buttons and headings in previews.
Identity block plus optional messaging — mirrors what ships to the client PDF.
Sample positioning copy — live tenants use your saved Brand Kit text.
Provision read-only workspace access, track invite status, and reuse the same Brand Kit on every touchpoint — welcome copy, client portal chrome, and PDF exports.
In the live MSP Portfolio Command Center, open Client Access & Onboarding from the jump bar (same section as this preview). Pick the client row, then use Mint access link — we return a URL that encodes that tenant so the stakeholder lands in the right workspace after Microsoft or Google sign-in.
Send stakeholders the minted client access link (/invite/client/…). After Microsoft or Google sign-in they land in their tenant workspace. MSP operators use /app?client_user_id=… only when already signed in to manage that client.
Static preview — invite URL shape
Illustrative only — real links are minted signed-in from your tenant.
1 · Create link
Select the client row → mint a time-limited access URL tied to that tenant. No shared passwords; OAuth stays on Microsoft/Google.
2 · Client onboarding
Send the link from your PSA or secure email. They consent once; you see them in the portfolio strip when the connection completes.
3 · Branded proof
Run or schedule scans, then export white-label PDFs with your logo and colours for exec packs and renewals.
Same data as Brand Kit: After you save there, this invite flow uses that profile from our database. The client sign-in page shows your saved display name and optional website link; logo, accent, and long-form copy show on branded PDFs and exports.
1. Confirm Brand Kit reads the way you want (logo, accent, company name, contact email on PDFs).
2. Create an access link for the stakeholder you’re onboarding (per-tenant, revocable).
3. Send it through your trusted channel — they sign in with Microsoft or Google; you do not handle their password.
4. When they finish, they appear in your portfolio and client selector for scans, watchlist, and exports.
5. Optional: copy the mail draft to paste into ConnectWise, Autotask, Halo, or plain email with your own SLAs.
End-customer workspaces use the same Compliance Command Center shell as the anonymised homepage preview after sign-in (score ring colours, regulation row, findings cards with source reference and “What was flagged” strip). The compact example below is illustrative only.
Anonymised sample report (layout) → · Same page at /sample-dashboard
Public file link exposes customer PII
CriticalWhat was flagged: This file is shared publicly and contains sensitive personal data
Found 3 National Insurance Numbers in email
HighWhat was flagged: Found 3 national insurance numbers in this mailbox message
Credential harvesting attempt detected
HighWhat was flagged: Suspicious content: credential lure, urgency (92% confidence)
Auto-generated proposal includes:
Remediation steps · effort estimates (hours) · public enforcement context (informational) · priority ranking · copy-ready client mailouts for your MSP letterhead
Base + per-client pricing. No setup fees. Month-to-month. Cancel anytime.
Channel-first: you control the relationship and the price.
MSP dashboard + lead-gen snapshot scans
Includes MSP dashboard, partner workflows, and scanning for prospecting and monitored clients (within partner terms, fair use, and per-run scope)
Current published partner platform fee: £199/month.
Designed to stay predictable while client count scales.
Per active client workspace
Value-linked variable fee (discount vs retail plans)
Current published model: £25/client plus base membership.
Retail reference is typically £299+ per workspace, so partners keep significant pricing headroom.
How MSP billing works
Illustrative monthly total = £199 platform fee + (£25 × active clients).
Example: 10 clients = £449/mo. Final partner terms are confirmed in writing.
How onboarding actually works
You need the client’s M365 or Google Workspace domain. They click one OAuth consent button (read-only access). Scan typically completes in minutes (varies by tenant size/scope). No credentials stored, no agents installed.
You handle billing
Our current published partner model is £199/month platform fee plus £25/client/month for monitored tenants. Final terms are confirmed in writing. You bill your client whatever you want. We never see their invoice, contact them, or undercut you.
What if a client is clean?
If a client has low/no findings, you can still deliver a shareable PDF summary of scan scope, date, and results (not certification). That's a useful record for audits and internal governance.
What exactly does the scan check?
20+ PII pattern types (NI numbers, payment data, NHS numbers, passports, bank details, etc.), phishing/BEC signals, file sharing permissions, and regulatory mapping against UK GDPR, NIS2, and DORA. Findings are generated from scanned samples within run caps and include severity, mapped regulation, and remediation steps.
Current partner pricing
Current model is £199/month base + £25 per monitored client/month. We confirm final terms in writing before onboarding.
No lock-in
Month-to-month per client. No annual contracts. No minimum seats. Add or remove clients anytime.
Partner scanning is for legitimate prospecting and client delivery. Per-run mailbox message and file caps and fair-use policies apply; we may throttle abuse. Uptime and scope are described in Terms and Security pages.
Representative finding types from the detection engine. Severity and source labels match the live dashboard. Names redacted.
Found 3 National Insurance Numbers in email
Source: mailbox message · UK GDPR Art. 5(1)(f) · Severity: High
Credit card data with Luhn-validated numbers
Source: cloud file · PCI DSS Req. 3.4 · Severity: Critical
CEO impersonation attempt flagged in mailbox
Source: mailbox message · Urgency language + payment request · Severity: High
12 files shared publicly via OneDrive containing client PII
Source: file / sharing · UK GDPR Art. 32 · Severity: High
Identity theft combination: NI + DOB + address in one mailbox thread
Source: mailbox thread · GDPR Art. 9 special category data · Severity: Critical
We’ll set you up within one working day. No commitment to buy.
Prefer context first? Anonymised sample report or see the homepage Command Center preview.
We’ve got your details
We’ll be in touch within one working day.
Anonymised sample report while you wait →We use essential cookies for sign-in and security. If you choose Accept analytics, we load Google Analytics (GA4) to understand traffic - no ads. Cookie Policy