Posted by:
admin
12 years, 6 months ago
This week at Secureworld Expo Atlanta, I had the pleasure of hearing Gene Kim talk about Rugged DevOps. When I first ran into Gene, he was with someone I worked with previously at another start-up. That sent me down memory lane.
I was not a co-founder of that start-up, Derivion, but was the COO and wrote their first business plan. This is was early boom times. My first day we drove around Atlanta picking up $100,000 checks from angel investors. As one investor handed us a $100k check, he said "And I do want to see that business plan". I was in awe and retorted "Wow, how big of check do you write after you see a business plan?"
Well, bigger checks. That firm in total raised $70 million. Unfortunately, it burned through that cash and sold for $12 million. It was a typical .com bubble story. I think that the amount of money we raised forced the company to target more and more markets (we did Electronic Bill Presentment and Payment Services). The need to feed the beast meant that no sale would be turned down and no prospect requests ignored. Development was in Canada and Operations and Customer Service (my areas) were in Atlanta. The data center group was constantly getting code for deployments on Friday afternoon for delivery Monday. It was weekends of debugging and re-installing. We had capital, so we threw people at the problems. Didn't fix them. I left in frustration and co-founded another company, called iTendant that did real estate workflow systems for office buildings.
It was still the boom, about Mid-2000. We were able to raise an angel round of $1 million, partly because we had already recruited a team of people - we had the core of a great staff. We did prototypes, start selling and developing. Then, the bubble burst, we realized that things would be tight. We would not have a dedicated systems admin team, for example. The CTO would be responsible for development and operations. Our lead QA was also primary systems admin. If there were bugs in the code, the developers had to respond ASAP, even late at night.
While our focus wasn't on the speed of deployments - it was more on quality - I realized during Gene's talk that we were doing accidental Rugged Devops. Our lack of capital forced us to focus on quality. There was no pushing problems downstream. There was no downstream.
From a financial standpoint, I consider iTendant a tie, which is probably generous. We sold to another company for about the amount of capital that was in the business. It was not great, but it gave everyone an option to keep working. Selling to the office market was just too tough at that time.
From a software standpoint, it was a great success. That code is Rugged. For a long time there was one developer still working for the company, but I'm pretty sure he left a while ago. Yet, the product is still running. It also reinforced my feeling that excess capital can make you lazy. Buy more hardware, hire more people. In reality, you should be seeking to go faster, do more with less all the time.
As an entrepreneur my mantra was always "Do it yourself, then hire someone to do it for you". Leverage people that were smarter, more focused and more specialized than you to scale your company. I still believe that's true, but I first think: how can we automate this so no one has to do it. This discipline will reduce capital expenses and operating expenses, creating a cash flow machine.
Share on Twitter Share on FacebookRecent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)