Cyber Ready Clinic Digital Badges

  • Ready5 Verified Practitioner

    Ready5 Verified Practitioners have completed a 10-week hands-on program as an intern or volunteer working directly under the supervision of a cyber expert mentor. Practitioners have performed business risk and cyber capability assessments with real customers, helping to deliver a Digital Wellness Plan. A practitioner understands the risks that exist across an organization’s management, finances, IT support, operations, and awareness, as well as the critical cyber capabilities that must be implemented across endpoints, identities, email, edge, and response. Practitioners complete an assessment following their 10-week program to verify their understanding of CRC’s process.

  • Ready5 Verified Organization

    Ready5 Verified Organizations have participated in Cyber Ready Clinic’s Discover5 and Ready5 assessment process. These organizations work directly with a cyber expert to analyze their business risk and cyber capabilities. After receiving a Digital Wellness Report, these organizations work with their IT provider to close any identified gaps and implement processes, plans, or solutions that show a commitment to preventing drive-by cyber-attacks such as ransomware and business email compromise. Organizations must complete a self-attestation that they meet Ready5 cybersecurity capabilities across the following areas: endpoint, identity, email, edge, and response.

Ready5 Validated MSP

The Ready5 Validation Badge shows that a Managed Service Provider (MSP) has what it takes to deliver the full set of security standards and controls in the Cyber Ready Clinic's Ready5 framework. Customers are responsible for empowering the MSP and choosing the right package of services, and this badge does not guarantee the customer has enabled the MSP to implement every control.

Each validated MSP has signed an annual attestation letter that they are ready and willing to provide the following Ready5 capabilities to you once you engage with them and choose the appropriate services package. Across the following domains, an MSP can:

Endpoint Security

  • Deploy Advanced EDR across all managed workstations and servers

  • Provide 24/7 MDR / SOC monitoring with a sub-60-minute response commitment for high/critical alerts

  • Remotely isolate compromised endpoints and perform hands-on remediation from defined playbooks

  • Remove local administrator rights from standard users

  • Apply agent-based DNS filtering / secure web gateway, including for off-network users

  • Manage Windows devices through a centralized RMM/MDM/UEM platform

  • Maintain a reconciled asset inventory and a standard OS / third-party patch process

Identity Security

  • Enforce MFA for all end users and all administrative accounts

  • Use advanced, phishing-resistant MFA (Authenticator, FIDO2, passkeys) and remove weak methods (SMS, voice)

  • Centralize identity around a single source of truth (IdP) and promote Single Sign-On

  • Maintain separate admin accounts and a formal help-desk identity-verification process; use non-email-enabled domain admins

  • Respond 24/7 to after-hours account compromise: disable accounts, revoke tokens, force MFA re-enrollment, and revoke OAuth consents

  • Promote a password manager and manage secrets in a dedicated platform

  • Enforce strong password and PIN standards, and run defined onboarding/offboarding

Email Security

  • Implement secure email configurations (SPF, DKIM, DMARC) on Microsoft and Google

  • Analyze links, attachments, and sender reputation across customer organizations

  • Provide a one-click phishing-report button for end users

  • Run centralized, analyst-led phishing triage

  • Fully remediate Business Email Compromise — pull malicious mail, disable attacker inbox rules, revoke OAuth consents, and remove unauthorized forwarding/delegates

  • Maintain a documented Spear Phishing response playbook

Network & Edge Security

  • Extend DNS / web filtering to endpoints off the corporate network (roaming agents)

  • Deploy and manage firewalls for customers with on-premise infrastructure

  • Review firewall rules at least annually to close high-risk ports and protocols

  • Enforce MFA on all VPN connections

  • Implement VLAN segmentation for on-premise assets (servers, printers, IoT)

  • Constrain Domain Controller admin accounts to a small, dedicated, non-email-enabled set

Incident Response & Backups

  • Provide immutable, off-site backups for on-premise servers

  • Provide or recommend SaaS backups for Microsoft 365 / Google Workspace, plus endpoint backup

  • Conduct documented backup restoration testing with measured RTO/RPO

  • Maintain shareable Ransomware and BEC incident-response playbooks

  • Help customers build a Cybersecurity Incident Response Plan (CSIRP) and run tabletop exercises

  • Operate a 24/7 emergency escalation process for cybersecurity incidents
