I'm wondering how other Kaseya MSP's handle Admin rights assignments?

Up until now our Kaseya user/client base has been small enough that most of our techs did not need to do significant work in kaseya. However as our MSP efforts have been growing we're having a hard time balancing Risk against functionality. The risk that one of our tech's could accidently do any number of potentially damaging things to our entire clientbase is too much to bear. However if we remove those rights, the techs will never be ableto fullly leverage our MSP investments.

We are not setup such that we can give our techs rights only certain groups. Each tech needs basic functionality over all groups, with more advanced functions on particular groups.
We really need a matrixed approch to rights assignments for user/group/function. (User A really needs to be able to an admin of groups 123, but only users of groups 567)

How is everybody else handling this?

Legacy Forum Name: MSP Admin Rights Assignments,
Legacy Posted By Username: camorton