The initial setup was easy. It was intuitive. The product is deployed on a shared cloud with the vendor. The deployment took roughly six months.

The initial setup has always been fairly standard. What's changed over the year and a half is the support for additional cloud environments. They started with AWS and Azure, then added GCP. They started adding additional connectors and cloud environments. So, they added features and capabilities. They added additional content and more policies that can be evaluated. 

The setup has always been easy because it's always been cloud native. There are very minimal requirements for on-premise. However, it got easier as they do more in the cloud.

The first deployment probably took a couple of minutes. It's always been a couple of minutes. It's a matter of prerequisites.

At this point, we have a standard implementation strategy.

A lot of times the challenge comes in granting the right permissions for BMC Helix to get data out of your cloud environment. There are always some fundamental things that it requires. Usually, it is read-only. If you want to be able to remediate security risks, then it needs a read-write type of permission. 

Initially, maybe some of the documentation wasn't as clear as I would have liked it to be. It might have taken a bit of time to set up on the cloud environment to give BMC Helix access. Now, BMC has done a great job in maturing the documentation and making it easier to configure multiple accounts under the same connector. I believe we did an evaluation for a recent client, and it took about five minutes to set up the connector to their AWS environment that had hundreds of resources.

It takes about two years to fully deploy the solution. A team of eight to nine people is needed.

The initial setup was a little complex at first because of the different moving parts. In hindsight, it's security and the vulnerabilities. It's similar, as a tool, to what we've used previously, but now it's in the cloud. Once you get to know your way around the tool, things start becoming second-nature. But the initial view feels like there's a lot of information in terms of understanding what is what and where it's located.

It's a SaaS tool so there's no deployment required. Once you get set up with BMC, you get an account, you log in, and you can start working right away to set up your connectors to scan your environment. It only takes a few minutes. It only takes one person to deploy it across an organization.

The initial setup was straightforward. It is a plug and play kind of a tool. You need to have prerequisites completed in your organization or network and then everything will be plug and play.