95% of my business is NOC services, 5% is Managed Desktops (I dont put servers on LT, I use Solarwinds for monitoring and we patch OS with other mechanisms, because Devs do regression test on every update, if we dont and something fails or reboot outside maintenance windows, we get penalized in $$$)
Why am I saying this?
If I want to run LT in house I would do it (I run F5 LTM, Solarwinds NPM, two different SIEMs and a lot of other tools), in house
I dont agree with your approach, because "Cloud" and "Hosted" doesnt mean the provider should change "certain" things.
They CAN, but they should not, and when they change critical features, they deserved to be pushed back.
Example: The fact that Bank of America owns the computer system where your private data is stored, dont give them rights to one day eliminate HTTPS or change the system so all accounts are public, without passwords.
Yes, they can, and yes you can change banks, but you know why you can change banks? because there are like 1000 banks in the US with the same services,, but how many LTs are?,,, and what happen if you have bank accounts, investment, mortgage, business loans, car loans, CC on Bank of America, and imagine if you have the investment portfolios, with a lot of money and information from your customers also with Bank of America and one day they make the changes without telling you? and next day you find that someone could easily get access to yours and your customers financials, how long it will take you to switch all your instruments to another bank?,, and how will you feel if someone tells you "is a hosted version, they can do whatever they want, and you can take your business somewhere else"
You will go happy without saying anything to anybody? really?
Because if that happens to me, I would go to the CEO’s golf club and wait until he gives me an explanation. No because of my data, but because of my customer’s data.
LT disabled a feature that protects the customer's privacy, and THAT is a deal breaker.
I know you run in house, and probably you did your homework and have 2FA on the SC Web, or even better, use it via VPN or just inside your network, but SC hosted doesnt have any of that, the web is available over the Internet and doesnt even has 2FA or even IP whitelist, unless you explicitly do it (dont tell me I should have done that, because Bank of America doesnt ask you when you sign up "do you want your account, hackable, secure, super secure or ultra-secure?, and if you want anything else than ‘hackable’ this is the paperwork that you have to fill up".
So, please do me a favor, imagine for a second that you are running SC like that, for whatever reason, and imagine telling your customers, "Hello Mr CEO of 'ABC Capital', I know you trust me with accessing remotely your PC any day or night (which I always advise you against to), but just letting you know, that my admin web GUI is not protected from Brute Force Attacks and if anybody breaks the security over a weekend, we are not responsible for information leaks".
Suuuureeee,, he will keep you as provider next day.
For the record, I used to manage a server platform on Solaris, holding every cellphone number in the states and Canada, I was the SaaS, how would you feel if if you were an ISV with few millions invested on developing an app that securely use my API, spent few hundred grands on marketing telling your customers how well they are protected and all of the sudden I change my password policy to require only 5 digits and over HTTP and you realize a week after, on a customer meeting, when a junior network admin tells you "hey, did you know that you are authenticating over non-encrypted links ? and yesterday I used Wireshark and saw all the passwords from all our users in clear text, and by the way, they are only 5 digits length"
Then you could come back and complain, and I would tell you "Yes, you can run my software on premises and put your own certificate, dont worry, let me give you a quote so you forget about how you just received a "high tech humiliation" and just give me a big juicy check to make up for my lack of technical vision"
I dont mind LT changing the way we do scripts, or the way the buttons work, on the look and feel, or even if the app is slower, or sometimes buggy, I DO CARE ABOUT PRIVACY and protecting my customer's data.
By the way, after no few push backs with Labtech, they agreed to revert my SC hosted instance to 5.5 and keep the functionality as it was before.
And they agreed to not upgrade, until the functionality is back.
They did the right thing.
I dont sell the "this is the what it is" services, so I dont buy the "this is the what it is software" either, especially if the functionality was there when I signed up.
And yes, I dont trust companies that change direction on critical items without notifying the implications and confirming with customers.
I bet if any end user of yours read my paranoia and position, they will agree with me, after all thats what I get paid for, because I dont get paid to "give them whatever I get"
My customers are my most important asset, I get paid to protect them, even from myself, and I take this seriously.
Next time SC scares me out, I will remove it, and I will switch away from LT, even to patch manually in the meantime if I have to. We do for servers, so we can do for desktops too.