| Who Manages Infrastructure? | Looply | Looply | Customer |
| Who Owns AWS Account? | Shared (Looply’s AWS environment) | Dedicated AWS account per customer (Managed by Looply) | Customer-provided AWS account |
| Best For | Businesses seeking cost-effective, fully managed SaaS with strong security | Enterprises needing compliance, data isolation & fully managed infrastructure | Highly regulated enterprises needing full control over infra |
| Data Isolation | Logical isolation via IAM, DynamoDB partitioning, and API security | Full physical isolation(dedicated AWS resources) | Full physical isolation (customer controls AWS setup) |
| Data Residency Control | Limited region support predefined by Looply (customer can choose from available regions) | Customer can choose any AWS region | Customer can choose any AWS region |
| Compliance Readiness | Secure by design built on SOC2/ ISO 27001 compliant AWS infrastructure | SOC 2 / ISO 27001 compliance-ready, with dedicated infrastructure | Customer responsible for compliance certification |
| Network Security | Multi-tenant architecture with IAM-based access controls, API Gateway protection, and AWS WAF. All traffic is encrypted in transit. | Dedicated VPC per customer, PrivateLink for internal AWS service access, tenant-specific IAM roles, and encrypted communications. | Dedicated VPC per customer, PrivateLink for internal AWS service access, customer-controlled network security policies, and encrypted communications. |
| Outbound API Access | Shared NAT Gateway with static IP for whitelisting | Dedicated NAT Gateway per customer with static IP, with optional PrivateLink-based outbound API access for enhanced security | Dedicated NAT Gateway per customer with static IP. Customers can choose to restrict outbound internet access entirely using VPC PrivateLink, ensuring private-only API connectivity |
| Security Model | IAM-based tenant isolation, API authentication, encryption (at rest & in transit), AWS GuardDuty monitoring | VPC isolation, PrivateLink, IAM-based role filtering, API authentication, encryption (at rest & in transit), AWS GuardDuty monitoring, tenant-specific IAM roles, dedicated security policies based on customer requirements | Identical to Private Cloud (Looply-Managed) |
| Provisioning & Access Control | Fully managed by Looply | Looply provisions and manages all infrastructure, including ongoing optimizations and updates | Looply provisions infrastructure in customer’s AWS account using securely shared credentials (e.g., temporary IAM roles, access vault). Infrastructure-as-Code (IAC) deployment requires client secrets (Serverless Framework). Customer is responsible for access governance after provisioning. |
| Software Updates | Automatic (Looply maintains version control & security patches) | Automatic (Looply ensures all instances remain at the latest service pack level) | Customer-defined(Looply provides updates, but customer led rollout) |
| Firefighter Access & Update Control | Full control (Looply manages everything, no customer intervention required) | Looply has full admin access for patches, updates, and troubleshooting | Looply requires ad-hoc 'Firefighter Access' for applying patches, upgrades, and troubleshooting. Access is temporary, controlled via IAM, and revoked after completion. |
| Support & Troubleshooting Model | Full support (Looply manages infrastructure, instant issue resolution with 24/7 monitoring ) | Full support (Looply has direct access to logs, monitoring, and security patches. Response time SLAs are flexible and defined contractually based on business needs) | Customer IT team is primary support, Looply offers ‘Advisory Support’ with a troubleshooting SLA defined contractually, dependent on customer-provided access |
| Migration Flexibility | Can migrate to Private Cloud later(data export/import process) | Easier transition between Looply-Managed and Customer-Managed models | Customer fully responsible for migrating out |
| Customization & Integrations | Standard setup, limited customization | Some customization (branding, integrations, policies) | Full control over integrations & network security |
| Disaster Recovery & High Availability | Serverless architecture with automated scaling, multi-AZ support, and Looply-managed backups | Serverless architecture with automated scaling, multi-AZ support, and Looply provides automated backups by default, with customizable retention policies based on customer requirements | Serverless architecture with automated scaling, multi-AZ support, but customer responsible for backup policies |
| Performance & Scaling | Auto-scaling based on AWS Lambda & DynamoDB on-demand scaling | Looply-optimized scaling with dedicated tenant resources | Auto-scaling enabled, but customer governs configuration |
| Data Retention & Backup Policies | Fully Configurable retention & standard Looply defined backup policies | Fully Configurable retention & customizable backup policies | Fully Configurable retention & customizable backup policies |
| Infrastructure Cost | Included in Looply’s pricing (No additional AWS cost to customer) | Included in Looply’s pricing (No additional AWS cost to customer) | Customer pays directly for AWS infrastructure usage |
| Usage + Licensing Cost | Metered based on usage + flat subscription fee (includes hosting, management, and support) | Metered based on usage + Flat subscription fee (Looply manages software & updates) | Flat subscription fee (Looply provides software updates, but customer manages infrastructure) |