CRS Bundle
Protect & Recover: Guardz + Keepit Bundle for Australian MSPs
Two best-in-class platforms on one CRS deal. Guardz prevents and detects across identity, endpoint and email with 24/7 MDR. Keepit keeps the same SaaS data recoverable on independent, immutable infrastructure.
Why two best-in-class platforms beat one all-in-one
Every Australian MSP eventually faces the same question on every SMB tenant: do I sell security first, or backup first? The honest answer is both, because they protect against different failures. Guardz catches the attack (identity-tier compromise on Entra ID, OAuth abuse, endpoint execution, business email compromise) and the 24/7 MDR team coordinates response across the surfaces in one playbook. Keepit keeps the data recoverable when prevention misses, when a user makes a recoverable mistake, or when a third-party SaaS outage takes the production tenant offline.
The Acronis Cyber Protect Cloud pitch is one agent, one vendor, one invoice. We credit it honestly — operational simplicity on the endpoint is real value, and for some MSPs that simplicity is the deciding factor. The trade-off the customer accepts is that the security layer and the backup layer are both competent rather than best-in-class, and they share fate on the same vendor\'s infrastructure. One vendor incident affects both layers simultaneously.
The CRS bundle is the counter-pitch. Guardz is purpose-built for SMB MSP cybersecurity: 2025 MSP Today Product of the Year, 2025 Global Infosec Awards Trailblazing MDR Service Provider, US$56M Series B raised in 2025. Keepit is purpose-built for SaaS backup with vendor-independent immutable cloud infrastructure and the deepest M365 plus Entra ID coverage on the market. Each vendor\'s entire engineering focus is its layer, and the backup vendor is structurally independent from the security vendor, which is what every prudent compliance auditor wants written into the procurement specification.
Side-by-side coverage map
The same SaaS workloads, two complementary jobs. Guardz keeps them safe at the security layer; Keepit keeps them recoverable at the data layer. The overlap is the point.
| Workload | Guardz (prevent + detect) | Keepit (back up + recover) | Bundle outcome |
|---|---|---|---|
| Microsoft 365 (Exchange, OneDrive, SharePoint, Teams) | Email security, cloud data exposure scanning, identity tier detection | Immutable backup of mail, files, sites, Teams and configuration | Prevention plus recovery on the same tenant |
| Microsoft Entra ID | ITDR for OAuth abuse, app-registration persistence, anomalous admin grants | Configuration backup of users, groups, roles, conditional access, app registrations | Active identity defence with cross-tenant restore if everything breaks |
| Google Workspace | Email security plus identity-tier detection plus exposure scanning | Immutable backup of Gmail, Drive, Docs, Calendar with native-format recovery | Prevention plus recovery on Google-first tenants |
| Salesforce | Not in scope | Standard + custom object backup, sandbox seeding with anonymisation | Keepit covers — Guardz protects the identity and email paths into Salesforce |
| Azure DevOps, Dynamics 365, Power Platform, Intune | Not in scope | Native backup across each workload | Keepit covers — Guardz protects the user identities accessing them |
| Endpoints (Windows, macOS) | Managed AV plus SentinelOne Complete EDR plus 24/7 MDR (Ultimate) | Not in scope (SaaS data only) | Add Cibecs for endpoint backup if recovery on the device matters |
| External footprint + dark web | Open-port scanning, SSL drift, breached-credential alerting | Not in scope | Guardz handles this; Keepit is not in this market |
Compare with Acronis Cyber Protect Cloud
Acronis Cyber Protect Cloud is the obvious one-vendor alternative: backup, DR, security, EDR and email security in one console with one agent. For MSPs whose decisive criterion is reducing tool count, Acronis is the easier sell. We say so honestly.
The CRS bundle wins on three structural points. Best-in-class per layer (Guardz for active security, Keepit for SaaS backup, both leaders in their category rather than competent modules in a wider suite). Backup vendor independence (Keepit runs on its own infrastructure entirely separate from Guardz, so a security-vendor incident never takes down recovery). SaaS workload coverage depth (Keepit\'s 19+ workload catalogue covers Salesforce, Dynamics 365, Azure DevOps, Power Platform, Intune and more, beyond the M365 plus Google scope Acronis covers strongly).
The full side-by-side honesty matrix lives at /compare/guardz-keepit-bundle-vs-acronis-cyber-protect. If Acronis is the right call for a particular customer, we will tell you that too.
How the bundle works
Identify workloads
CRS scopes the customer's SaaS estate (M365, Google, Salesforce, Entra ID, Dynamics) and headcount.
Quote both lines
Guardz Pro or Ultimate per-seat plus Keepit per workload, sized for the actual deployment.
CRS-exclusive bundled discount
Bundled pricing negotiated per partner based on volume and term. CRS absorbs the commercial side.
One invoice, two platforms
Partners sign with CRS, receive one invoice, run two best-in-class platforms across the customer base.
Frequently asked questions
Why two vendors instead of one all-in-one?
Because best-in-class beats competent-in-everything once the customer is real. Guardz is purpose-built for SMB MSP cybersecurity (2025 Trailblazing MDR Service Provider, US$56M Series B). Keepit is purpose-built for SaaS backup with vendor-independent immutable infrastructure. Each vendor's entire engineering focus is its layer. Acronis-style all-in-one is genuinely simpler operationally but the security and backup layers are competent rather than leading, and they share fate on one vendor's infrastructure.
What is the discount mechanic?
CRS-exclusive bundled pricing, negotiated per partner based on combined volume and term. Minimum 50 seats combined (negotiable for the right opportunity) on a minimum 12-month commitment. Partners receive one invoice from CRS covering both lines.
Can the bundle stack with the existing Keepit Pipeline Payday and Partner Power Play promotions?
Yes. The Protect & Recover bundle stacks with both Keepit deal-registration promotions running through to 30 September 2026. See /partner-promotions for the live programme list.
What about endpoint backup?
The bundle covers active security (Guardz) and SaaS backup (Keepit). Endpoint backup is a separate job. CRS distributes Cibecs for near-CDP endpoint backup with DLP, which slots in alongside the bundle if the customer needs laptop and desktop data recovery on top.
Is the bundle available across Australia, NZ, Fiji and PNG?
Yes. CRS distributes both Guardz and Keepit across all four markets with AUD-aligned commercial terms and pre-sales engineering. Local support, regional deal registration and one CRS commercial relationship across the bundle.
How does this compare with Acronis Cyber Protect Cloud?
Acronis is the all-in-one alternative: one vendor, one agent, one console for backup, DR, security and EDR. Honest read: Acronis wins on operational simplicity on the endpoint. The CRS bundle wins on best-in-class per layer, backup vendor independence from the security vendor, and depth of SaaS workload coverage. Full breakdown at /compare/guardz-keepit-bundle-vs-acronis-cyber-protect.
One CRS deal. Two best-in-class platforms.
Available across Australia, New Zealand, Fiji and PNG with AUD-aligned commercial terms. Minimum 50 seats combined, 12-month commitment, negotiated per partner.