
Redpanda’s take on JPMC’s letter to software suppliers
With Redpanda BYOC, teams can develop real-time risk analytics, low-latency fraud detection, or AI-powered trade surveillance pipelines directly within a zero-trust, auditable environment. It enables streaming of sensitive workloads such as KYC checks, AML scoring, and liquidity monitoring within the firm’s own cloud perimeter, allowing teams to move faster while maintaining governance. This accelerates product delivery without triggering compliance exceptions, turning secure-by-design into a strategic advantage.
In a BYOC deployment, Redpanda runs the data plane within the client's own Virtual Private Cloud (VPC) while the lightweight control plane stays in Redpanda’s cloud. This allows the client to retain full possession of their data, IAM policies, and cloud-provider discounts, while Redpanda assumes 24/7 operations, upgrades, and incident response. The BYOC data plane is completely independent and isolated from the control plane, ensuring continued operations even if the control plane goes down.
Redpanda's BYOC model allows customers to retain proper data controls and auditability without compromising on streaming performance or uptime. It enables deployment in their own VPCs and enforcement of their own compliance controls, which is a decisive factor over traditional multi-tenant SaaS platforms. Customers, such as LiveRamp, have reported lower latencies and reduced spend while meeting internal compliance standards with Redpanda BYOC.
Patrick Opet, JPMorgan Chase’s Global CISO, emphasized in his open letter that secure-by-default, continuous control validation, and flexible deployment options like self-hosting and bring-your-own-cloud (BYOC) are now essential. He stressed that convenience cannot surpass control and vendors who cannot demonstrate governance will not be considered.
The SaaS security paradox refers to the dilemma security leaders face between operational simplicity and proper data controls. They must choose between the productivity of managed services and the governance of self-hosting. The paradox arises because the abstraction of infrastructure by pure-SaaS products, while convenient, also concentrates risk.
In an open letter, JPMorgan Chase’s Global CISO, Patrick Opet, called the modern SaaS delivery model “a substantial vulnerability.” He did not just call out the status quo; he outlined a mandate for enterprise software.
Opet’s core message: secure-by-default, continuous control validation, and flexible deployment options like self-hosting and bring-your-own-cloud (BYOC) are now table stakes. Convenience can’t outrun control—and vendors who can’t prove governance won’t make the cut.
In this post, we illustrate how Redpanda Cloud - Bring Your Own Cloud (BYOC) is ideally suited to address the future security needs of highly regulated industries, such as financial services, allowing the enterprise to regain control without sacrificing the benefits of SaaS.
Pure‑SaaS products earned their dominance by abstracting infrastructure, but that very abstraction concentrates risk. A single compromise of a multi‑tenant control plane can ripple across thousands of customers.
Today, security leaders must choose between operational simplicity and proper data controls, between the productivity of managed services and the governance of self‑hosting. Opet’s letter makes clear that this is no longer an acceptable trade‑off.
Redpanda anticipated this inflection point two years ago with its BYOC deployment for Redpanda Cloud. In a BYOC deployment, Redpanda would run the data plane within JPMC’s own VPC while the lightweight control plane stays in Redpanda’s cloud. JPMC would retain full possession of their data, IAM policies, and cloud-provider discounts, while Redpanda assumes 24/7 operations, upgrades, and incident response.
Additionally, the BYOC data plane is completely independent and isolated from the control plane, allowing it to continue operations should the control plane go down. Think of it as combining the best of both worlds – you get the governance capabilities of a self-hosted model with the convenience and productivity of a traditional SaaS.
“‘Secure and resilient by design’ must go beyond slogans” - Patrick Opet, Chief Information Security Officer, JPMorgan Chase
Redpanda has been adopted by multiple financial services organizations, including global banks, fintechs, and market infrastructure providers, who chose our BYOC model specifically to meet strict regulatory and privacy mandates. These customers required complete control over network boundaries, encryption policies, and log access, while still benefiting from a vendor-managed experience.
With Redpanda, they retained proper data controls and auditability without compromising on streaming performance or uptime. The ability to deploy in their own VPCs and enforce their own compliance controls was a decisive factor in choosing Redpanda over traditional multi-tenant SaaS platforms.
Customers, such as LiveRamp, report lower latencies and reduced spend while meeting internal compliance standards with Redpanda BYOC. Rolling upgrades, tiered storage, and intelligent auto‑tuning are part of the service, which means no PagerDuty pings at 3 AM.
For an institution like JPMorgan Chase, which processes trillions of dollars in transactions daily, innovation can’t come at the expense of security or regulatory posture. With Redpanda BYOC, teams can develop real-time risk analytics, low-latency fraud detection, or AI-powered trade surveillance pipelines directly within a zero-trust, auditable environment. There’s no need to wait for central infrastructure provisioning or compromise on data locality.
The ability to stream sensitive workloads such as KYC checks, AML scoring, and liquidity monitoring within the firm’s own cloud perimeter enables JPMorgan-scale teams to move faster while maintaining governance. Redpanda enables developers to accelerate product delivery without triggering compliance exceptions, turning secure-by-design into a strategic advantage.
Opet’s letter signals that the market will reward vendors who can prove security, not merely promise it. Redpanda BYOC demonstrates that the path forward is neither all‑in on SaaS nor a return to the datacenter. It’s a well-architected SaaS solution where control and convenience finally converge.
SaaS 1.0 was about abstracting infrastructure. SaaS 2.0 is about returning control without bringing back the toil.
If your organization is re‑evaluating third‑party risk in light of JPMorgan’s guidance, start with your data streaming layer. Let Redpanda BYOC prove that you can have a platform that’s secure by design and offers proper controls while delivering the speed and agility of a fully managed cloud.
For deeper technical details or a proof‑of‑concept in your own cloud account, get in touch. For any other questions, ask our team in the Redpanda Community Slack.
