BYOC: Secure by design, proper controls by default

Redpanda’s take on JPMC’s letter to software suppliers

June 18, 2025

In an open letter by JPMorgan Chase’s Global CISO, Patrick Opet called the modern SaaS delivery model “a substantial vulnerability.” Not only did he call out the status quo—he outlined a mandate for enterprise software.  

Opet’s core message: secure-by-default, continuous control validation, and flexible deployment options like self-hosting and bring-your-own-cloud (BYOC) are now table stakes. Convenience can’t outrun control—and vendors who can’t prove governance won’t make the cut.

In this post, we illustrate how Redpanda Cloud - Bring Your Own Cloud (BYOC) is ideally suited to address the future security needs of highly regulated industries, such as financial services, allowing the enterprise to regain control without sacrificing the benefits of SaaS.

The SaaS security paradox

Pure‑SaaS products earned their dominance by abstracting infrastructure, but that very abstraction concentrates risk. A single compromise of a multi‑tenant control plane can ripple across thousands of customers. 

Today, security leaders must choose between operational simplicity and proper data controls, between the productivity of managed services and the governance of self‑hosting. Opet’s letter makes clear that this is no longer an acceptable trade‑off.

BYOC: bridging the chasm between control and convenience

Redpanda anticipated this inflection point two years ago with its BYOC deployment for Redpanda Cloud. In a BYOC deployment, Redpanda would run the data plane within JPMC’s own VPC while the lightweight control plane stays in Redpanda’s cloud. JPMC would retain full possession of their data, IAM policies, and cloud-provider discounts, while Redpanda assumes 24/7 operations, upgrades, and incident response. 

Additionally, the BYOC data plane is completely independent and isolated from the control plane, allowing it to continue operations should the control plane go down. Think of it as combining the best of both worlds: you get the governance capabilities of a self-hosted model with the convenience and productivity of a traditional SaaS.

“‘Secure and resilient by design’ must go beyond slogans” - Patrick Opet, Chief Information Security Officer, JPMorgan Chase

| JPMC requirement | How Redpanda BYOC meets the requirement |
| --- | --- |
| Secure‑by‑default, transparent controls | BYOC follows a zero-trust agent model with least-privilege IAM roles that customers can apply and audit at any time. All cluster resources are tagged, logged, and continuously reconciled against drift. |
| Continuous, demonstrable evidence | Because the data plane resides in your account, you can stream logs directly into your SIEM, run vulnerability scans, and prove control efficacy without waiting for vendor attestations. |
| Deployment options such as confidential computing, self‑hosting, and BYOC | Redpanda BYOC is the BYOC option that the letter highlights, combining single‑tenant isolation with fully managed operations. |
| Advanced authorisation and detection for interconnected systems | Redpanda supports TLS 1.3 everywhere, fine‑grained ACLs, and optional FIPS‑validated binaries for environments that demand cryptographic assurance. |

Real-world example: LiveRamp

Redpanda has been adopted by multiple financial services organizations, including global banks, fintechs, and market infrastructure providers, who chose our BYOC model specifically to meet strict regulatory and privacy mandates. These customers required complete control over network boundaries, encryption policies, and log access, while still benefiting from a vendor-managed experience.

With Redpanda, they retained proper data controls and auditability without compromising on streaming performance or uptime. The ability to deploy in their own VPCs and enforce their own compliance controls was a decisive factor in choosing Redpanda over traditional multi-tenant SaaS platforms.  

Customers, such as LiveRamp, report lower latencies and reduced spend while meeting internal compliance standards with Redpanda BYOC. Rolling upgrades, tiered storage, and intelligent auto‑tuning are part of the service, which means no PagerDuty pings at 3 AM.

Beyond compliance: an innovation catalyst 

For an institution like JPMorgan Chase, which processes trillions of dollars in transactions daily, innovation can’t come at the expense of security or regulatory posture. With Redpanda BYOC, teams can develop real-time risk analytics, low-latency fraud detection, or AI-powered trade surveillance pipelines directly within a zero-trust, auditable environment. There’s no need to wait for central infrastructure provisioning or compromise on data locality. 

The ability to stream sensitive workloads such as KYC checks, AML scoring, and liquidity monitoring within the firm’s own cloud perimeter enables JPMorgan-scale teams to move faster while maintaining governance. Redpanda enables developers to accelerate product delivery without triggering compliance exceptions, turning secure-by-design into a strategic advantage.

A call to action for CISOs and CTOs 

Opet’s letter signals that the market will reward vendors who can prove security, not merely promise it. Redpanda BYOC demonstrates that the path forward is neither all‑in on SaaS nor a return to the datacenter. It’s a well-architected SaaS solution where control and convenience finally converge.

SaaS 1.0 was about abstracting infrastructure. SaaS 2.0 is about returning control without bringing back the toil.

If your organization is re‑evaluating third‑party risk in light of JPMorgan’s guidance, start with your data streaming layer. Let Redpanda BYOC prove that you can have a platform that’s secure by design and offers proper controls while delivering the speed and agility of a fully managed cloud.

For deeper technical details or a proof‑of‑concept in your own cloud account, get in touch. For any other questions, ask our team in the Redpanda Community Slack. 
