AI Guardrails & Approval Policies

AI INTEGRATIONAUTOMATIONBEST PRACTICESOPENFRAMESECURITY

Phase 9 — Security & Access Control · Step 2

Section

June 24, 2026

Published

Vladislav Marchenko

Vladislav Marchenko

Head Of Marketing

AI Guardrails & Approval Policies

Phase 9 — Security & Access Control · OpenFrame Onboarding

Mingo can do real work on real machines — and that power needs a leash you control. Guardrails are how you decide what the AI may do on its own, what it has to ask a technician about, and what it's flat-out blocked from doing. If you ever wondered where those "Technician approval required" cards in tickets come from (Phase 6), this is the setting behind them.


Before you start

  • You need an Admin role.
  • Find it under Settings → AI Settings & Guardrails.

Start with a preset

The fastest way to set a sane baseline is to pick a Guardrails Preset. Click Edit Settings and choose one:

  • Autonomous — maximum autonomy for trusted environments. Most operations auto-approve, including file management, process control, and system configuration. Only user deletion needs technician approval.
  • Permissive — full operational freedom for experienced teams. Unrestricted access to most functions including software management, remote access, and system control. Only destructive operations like device wipes require a tech.
  • Balanced — standard MSP operations with safety controls. Monitoring, security updates, file cleanup, and diagnostics are allowed; software installs, configuration changes, and system restarts require approval; device wipes and permission changes stay blocked.
  • Restrictive — maximum protection for sensitive environments. Users can monitor, view logs, and send notifications, but file operations, software management, configuration changes, and remote access are blocked.

Pick the one closest to your risk tolerance. Balanced is a sensible default for most MSPs; tighten to Restrictive for sensitive clients.


Tune individual actions

A preset is a starting point, not a straitjacket. Below the presets, guardrails are grouped by policy area — File Operations (downloads, file management, uploads), System Control (power, process management, remote access), and more. Expand any group to see its individual rules.

Each rule has an enforcement level that decides what happens when Mingo wants to do that thing:

  • Auto-approve — Mingo just does it.
  • Ask User — the client is prompted to approve.
  • Ask Technician — a tech has to approve before it runs (this is the approval card you see in the ticket).
  • Block — never allowed.

For example, under File Management you'll see Delete files and folders set to Ask Technician, while Move or rename files and Create files or directories sit at Ask User. Deleting is riskier, so it demands a human with more authority. Adjust each rule to match how much you trust the AI with that specific operation.

To build your own from a known baseline, click Use for Custom Policy next to any preset — it loads that preset's rules as a starting point you can then edit action by action, then switch the selector to Custom Policy.


Save and verify

Click Save Settings when you're done. From then on, anything you've set to Ask Technician or Ask User will surface an approval card instead of running silently — exactly the behavior covered in Approval Workflows (Phase 6). Test it by triggering an action you've gated and confirming the approval prompt appears.


Quick checklist

  • Opened Settings → AI Settings & Guardrails → Edit Settings
  • Picked a preset (Balanced for most; Restrictive for sensitive clients)
  • Expanded policy groups and set enforcement levels per action
  • Used Use for Custom Policy if you needed a tailored baseline
  • Clicked Save Settings and confirmed an approval card appears for a gated action

What's next

You've decided what the AI can do. The last piece is seeing what actually happened: Audit & Activity Logs gives you the record of every action across your tools.


Based on OpenFrame v0.9.19. Presets, policy groups, and enforcement options evolve between releases — what's in your console wins.

Vladislav Marchenko

Head Of Marketing

Hi all! My name is Vlad and I’ve been brought on to head the marketing team at Flamingo. Thankfully, this isn’t the first time I will be building a marketing department from scratch, so the experience should come in handy. Now it’s time to dive into the world of MSPs and find myself in this new world.

Related Content

Product Releases

Webinars

Case Studies

Blog Posts

Frequently Asked Questions

MSP AI Agents

Yes. In production MSP shops today, 10% to 25% of tickets close before a human opens them. Thread alone has processed 173 million tickets across 750-plus MSP partners at 96% triage accuracy, handing back 490,000-plus technician hours. Agents own the low-risk, high-volume work (password resets, MFA enrollment, known installs, onboarding and offboarding) and flag anything that touches production data or needs judgment for a human to take.
On a five-person desk, reported deployments show $78,000 to $130,000 in annual direct labor savings, roughly 30% fewer escalations, and 15% to 20% better SLA compliance. Broader MSP adoption data adds ticket handling time cut by 45% and five to 12 points of margin, all from reclaimed capacity rather than headcount cuts.
An AI agent for an MSP is software that reads a ticket, decides the action, performs it across your tools, and records the result without a technician driving each step. It differs from a chatbot or copilot by taking action, not just suggesting one.

AI MSP

MSPs use AI to triage and route tickets, cut alert noise, schedule patches, assist L1 security work, and draft client reports. Kaseya's 2025 benchmark found 30% already use it to eliminate tedious tasks, with ticket triage the most common starting point.
Most MSPs start with AI features inside their existing PSA, RMM, and ticketing systems rather than standalone products. Common categories include AI ticket triage, alert correlation, scripting assistants, and AI-native all-in-one platforms like OpenFrame that run intelligence across the whole stack.
Start with a readiness assessment, not a tool purchase. Confirm your ticket history is clean and your RMM, PSA, and monitoring systems connect. Then pick one high-volume, low-risk workflow, usually ticket triage, and pilot it on internal tickets before any client sees it.
Automate high-volume, low-risk tasks first. Ticket triage and alert noise reduction top the list because they run constantly and a human still resolves the underlying issue. Save security approvals, billing changes, and client-facing actions for later, always with a human in the loop.

AI Safety

It can be, with governance. Keep a human in the loop on high-risk actions, log every automated step for audit, and choose platforms that keep your data yours with no vendor lock-in. Pilot on internal data first so you catch issues before client systems are involved.

AI for MSPs

Set a baseline before rollout, then track tickets closed per technician, mean time to resolution, percentage of tickets resolved with no human touch, technician hours reclaimed, and cost per ticket. AI-driven automation commonly cuts operational cost per ticket by 25 to 40%.

About OpenFrame

OpenFrame isn't built to plug into your stack. It replaces it. Instead of duct-taping a dozen tools together (RMM, MDM, SIEM, patching, remote access, each its own login and bill), we bundle it into one unified platform: RMM, MDM, monitoring, automation, remote access, patch management, security monitoring, and ticketing, plus built-in AI copilots. So "does it integrate with X?" usually means: you won't need X anymore.