Vendors are looking for ways to differentiate themselves in a crowded market and organizations are looking for solutions that are cheaper, faster, and easier for their teams to deploy and manage. SaaS providers are now offering a “vendor-managed-deployment” option for their product, where the employees of the SaaS company install the cloud infrastructure and software into your environment and maintain this access for ongoing maintenance. This can be enticing on both sides - enabling the vendor to focus on core product development rather than secondary “features” (including deployment templates) and freeing infrastructure teams from re-architecting and managing another tool in your stack.

However, the risks introduced in this new paradigm are immediately clear - expanded cloud attack surface, granting elevated access to another entity, and redefining your posture on insider threat are just the beginning. Yet, for some organizations the tradeoff in control is well worth the operational and cost savings proposed by this model.

In this talk we’ll cover how this new deployment option differs from existing well-established integration patterns and scenarios where this deployment option can benefit your organization. Additionally, we will provide key considerations to keep in mind when considering this deployment option, and strategies for mitigating risk and maintaining security in both initial deployment stages and ongoing support.