An IT firm or managed service provider (MSP) typically needs Technology Errors and Omissions (Tech E and O) — which covers a client's financial loss when your work, advice, or software fails — plus Cyber (which responds to a data breach), General Liability, and often a Business Owners Policy. Tech E and O and Cyber are not the same coverage; client contracts (MSAs) increasingly require both, at specific limits. There is no license, but the contract requirements are the real driver.
Technology businesses carry a risk profile most generic small-business policies were not built for: you can cause a client a large financial loss without any physical damage or even a data breach — just by shipping a bug, botching a migration, or missing an SLA. This guide covers the IT and MSP coverage stack, the Tech E and O vs Cyber distinction, and what client contracts require. It is general education, not advice for your specific business.
Tech E and O is not Cyber
This is the distinction that trips up almost every tech buyer:
- Technology E and O (professional liability) — responds when your work causes a client a financial loss: a software defect, a failed implementation, a missed deadline, bad advice. It is about performance failing.
- Cyber liability — responds to a security event: a data breach, ransomware, a network intrusion — including breach notification, forensics, and third-party claims.
Many carriers offer these as a blended tech package; others sell them separately. Either way, an MSP that both builds/manages systems and holds client data usually needs both. See cyber liability and GL vs professional liability.
The IT and MSP coverage stack
Technology E and O
Covers client financial loss from your software, services, or advice failing. The flagship coverage for IT firms and MSPs; usually written claims-made.
Cyber Liability
Responds to a breach or security event: notification, forensics, restoration, and third-party claims — including incidents on systems you manage.
General Liability
Third-party bodily injury and property damage — the baseline most office leases and client contracts require.
Business Owners Policy (BOP)
Bundles general liability with property for your office, servers, and equipment — often the best value.
Fidelity Bond / Crime
Covers theft by an employee — often required to win enterprise contracts where your staff access client systems or funds.
Workers Comp / Commercial Auto
Workers comp for employees (required in almost every state); commercial auto if staff drive to client sites.
Matched to your tech niche in a few minutes.
A few quick questions. No phone calls. No contact info.
Common claims and risks
IT and tech sub-niches
The stack shifts by what you do: IT consultant, managed service provider (MSP), software developer, web developer, SaaS, cybersecurity consultant, cloud / data- migration consultant, and IT staffing. The more client systems and data you touch, the heavier the Cyber and Tech E and O emphasis. (Cybersecurity consultants have their own elevated exposure — a dedicated topic.)
What client contracts require
There is no license for IT work, so the requirements come from contracts:
- Master service agreements (MSAs) — enterprise clients routinely mandate Tech E and O and Cyber at set limits (commonly $1M–$2M), plus additional-insured status.
- Commercial leases — require general liability.
- Fidelity bonds — often required to win contracts involving privileged access.
Because Tech E and O is usually claims-made, mind your retroactive date and tail when you switch carriers. See occurrence vs claims-made.
Frequently Asked Questions
Is tech E and O the same as cyber insurance?
No. Technology E and O covers a client's financial loss when your work, software, or advice fails. Cyber responds to a breach or security event (notification, forensics, third-party claims). An MSP that both manages systems and holds client data usually needs both.
What insurance does an MSP need?
Typically Technology E and O, Cyber, General Liability (or a BOP), often a Fidelity/Crime bond for privileged access, and Workers Compensation for employees. Client contracts usually set the required limits.
Do IT contractors need insurance if there is no license?
There is no state license for IT work, but client master service agreements routinely require Tech E and O and Cyber at specific limits, plus additional-insured status. The contract, not a license, is the driver.
Is technology E and O claims-made?
Usually yes. Because it is claims-made, protect your retroactive date and buy tail coverage when you switch carriers so prior work stays covered.
Do software developers need tech E and O?
Yes. A defect in shipped code that causes a client a financial loss is exactly what Technology E and O covers; general liability does not respond to a professional error.
Why do enterprise clients require a fidelity bond?
Because your staff may have privileged access to their systems or funds. A fidelity/crime bond covers loss from employee theft, which enterprises often require before granting access.
Quick glossary — IT and MSP insurance terms
- Technology E and O
- Professional liability for tech: covers a client's financial loss when your work, software, or advice fails.
- Cyber liability
- Coverage for a breach or security event: notification, forensics, restoration, and third-party claims.
- Blended tech package
- A policy combining Tech E and O with Cyber, common in the IT market.
- Master service agreement (MSA)
- The client contract that usually sets your required coverages and limits.
