Data security and privacy are top of mind for all customers. This concern is not exclusive to highly regulated industries such as financial services, but for all companies. The number of incidents related to “data leakage” continues to increase and customers are more vigilant than ever to protect their data. SaaS has been the dominant pattern to quickly adopt new solutions and technologies. SaaS has simplified the complexity and costs of deploying and managing technology, freeing up teams to focus on business critical activities. However, with SaaS data has to leave the customer’s network. In this day and age with private connections that don’t go over the public internet the risks of data leakage is low. However, we see customers are increasingly looking for solutions where they can isolate the data within their own network.

When we designed DeltaStream we architected it in a way to enable flexibility in how we deploy our platform. In 2022 we launched our SaaS service, which is serverless and provides for both dedicated and multi-tenant deployments. Our SaaS offering is highly secure and enabled only through private connections to a customers streaming data store (e.g., Apache Kafka). However, for some customers data leaving their networks is a non-starter. We completely understand that customers have a different tolerance for data security risks based on the type of data, the industry they operate in and their customer’s requirements.

A Modern Solution

To address our customers' security and privacy concerns last week we announced the launch of our Private SaaS offering. With Private SaaS customers can now process their streaming data without the data ever leaving their network all while the service being fully managed by DeltaStream. This does two things:

  1. Guarantees privacy and security of data and eliminates the overhead and complexity of managing the platform. 
  2. Gives customers the capability of processing their streaming data within minutes

We did this by making our data plane portable while connecting to the same control plane as our SaaS product. Our SaaS and Private SaaS offerings share the same code base guaranteeing customers have the latest set of features regardless of the product they choose. 

As a seed-stage company we deliberately made this investment early to address customers pressing data security and privacy concerns.

How Private SaaS Works

As a serverless cloud native platform, DeltaStream includes a control plane and a data plane. The control plane includes services such as authentication, access control, infrastructure and metadata management. Also, the control plane manages the orchestration of many data planes. The data plane is where DeltaStream accesses and processes customer data. This includes reading and writing data from and to stores such as Apache Kafka, running streaming queries and building materialized views. In a typical SaaS model, both control plane and data plane run in the service provider's Virtual Private Cloud (VPC) account, requiring the transfer of customer data between the customer VPC and the service provider VPC. The following figure depicts a typical Saas architecture.

While this is acceptable to many customers, some customers do not allow data leaving their network. For such cases, private SaaS is the right solution since it guarantees data won’t leave the customer VPC at any point in time. In this model, all access and processing of the customer data will happen inside the customer VPC. This is achieved by running the data plane within the customer VPC. The following figure depicts the architecture for DeltaStream Private SaaS.

With the private SaaS model, DeltaStream provides the same serverless user experience that the customers love but with the guarantee that data remains within the customer VPC. DeltaStream will run the data plane in customer VPC through a secure connection and handle all aspects of running streaming processing workloads.

The Benefits of Private SaaS

1. Data Sovereignty 

As Public Clouds became the norm, the questions around Data Sovereignty have never been more pertinent. There are numerous jurisdictions that have data export restrictions. The most widely known regulation is GDPR. GDPR serves to protect personal data that is collected for customers operating in the EU. Customers cannot export this personal data and customers must implement procedures to protect this data. Private SaaS  allays this concern by allowing the data plane to reside in EU data centers. Ownership and the responsibilities over data never changes hands and the authority always lies with the customer.

2. SaaS adoption made easy

For some organizations, adopting SaaS services that run outside of their VPC is not an option regardless of local laws. This means undertaking complex initiatives and taking on the overhead of building, operating and maintaining not only the required platforms, but also developing disparate centers of excellence to help keep the lights on. This translates to inflexibility and a longer time to market.

3. Serverless platform in your VPC

The platform is serverless meaning we scale the infrastructure for the data plane that runs in your network. You get all the benefits of our SaaS offering while keeping the data in your VPC.

4. Reduce Costs

Private SaaS enables our customers to leverage their existing relationships with their CSPs and apply their negotiated discounts and other benefits over to their DeltaStream bill. This brings in the much needed transparency over your cloud costs and enables you to manage them better.

Try DeltaStream Private SaaS

DeltaStream provides a comprehensive stream processing platform to manage, secure and process all your event streams. It is easy to operate, and scales automatically. You can get more in-depth information about DeltaStream features and use cases by checking the DeltaStream blog. If you are ready to try a modern stream processing solution, you can get started with a free trial of DeltaStream or reach out to our team to schedule a demo.