The Benefits of Building Software on an Enterprise Platform

It has been seven months since I started at ServiceNow and I think I’m just beginning to understand the advantage of delivering enterprise applications on a mature platform.

The advantages of building on a consumer platform are well understood and primarily about access to potential customers. If you are building an application, you naturally want to build it on the platform that provides access to the most customers. This is one of the reasons that the Macintosh has become more prominently used by consumers and enterprises over the last 15 years: As the computing platform slowly shifted from Windows apps to web apps, there simply wasn’t as much need to run Windows. This allowed the Macintosh’s superior user experience and reliability to drive buying behavior. (Of course, without Microsoft writing Office for the Mac, none of that would have happened but I digress.)

In contrast, enterprise applications built on an enterprise platform get you speed and robustness. Speed and robustness are critical for emerging enterprise products in a competitive market and they are often interrelated. Let’s get into why.

While working at several startups in product development, I realized that balancing building features to support the reason a venture capitalist wrote you a check and building features that ensure a successful deployment are often completely unrelated. This is because the foundational capabilities enterprises depend on to run a new piece of critical technology are the same capabilities they depend on to run everything else. Scalability, APIs, security, reporting, customization, and certifications are all expected attributes of any piece of software used by Global 2000 organizations. But while developing such capabilities is not novel, it is very time consuming.

So inevitably, you try to balance. This often means focusing as much as you can on the innovation the company was funded to create, while trying to ensure you meet a minimum bar in the requirements common to all enterprise software. Early adopters are often willing to sacrifice some of these foundations but the majority of the market is not. As you transition from these early customers to more established ones, the technology you built has likely morphed considerably to the point that better addressing some of these enterprise capabilities becomes a costly retrofit, robbing an organization of feature velocity often right at the time when your core business is under attack from new competition.

Planning for this eventuality from an architectural standpoint while maintaining growth-fueling innovation is arguably the most important skill an engineering leader needs outside of recruiting top talent. Approaching startup development from the opposite direction (building the foundation requirements first) is even worse as innovation stalls and you exhaust your initial funding before you are able to prove the business.

Which brings us to the point of this essay. Building your new enterprise application on an established platform cheats this Catch-22. Someone else builds the platform before you show up, and you come along and benefit from all their hard work.

A big part of why our new Security Operations capability at ServiceNow is successful in its early days is we have zero resources devoted to enterprise foundations. Those foundations are built by an entirely different and well funded team elsewhere in the company. Also, their output benefits many products, not just mine. Sure we talk to them and pass along requirements from time to time but almost everything we need is already there. Scalability, security, APIs, customization, reporting and so on are free features for us. Our entire business unit is focused on innovation in the security response space which is exactly where our board and investors wants it. This is an essential element of why the expansion of ServiceNow’s core technology into new markets is so exciting. By hiring talent in a new domain area and allowing them to innovate quickly on top of a mature platform, we can build robust new solutions to key business problems that most startups can only dream of.

The counterargument against an enterprise platform is that by building your own enterprise foundations you can build them exactly they way you want. And for certain technology problems, that makes sense; you need to start from scratch. For example, Apple could never have built iOS by starting with a requirement that the phone ran OS X applications. Buyer beware though. The problem I highlighted earlier still stands: while “built from the ground up” is a great tag-line on a data sheet, it often means spending the minimum amount of time possible on those foundations because early customers buy differentiation not robustness.

As enterprises increasingly go cloud and embrace technology the advantages of building on a mature enterprise platform will only grow. As mentioned earlier, when robustness comes almost for free it unlocks amazing feature velocity in your core area of focus. As for me, I’m excited to see how this plays out in my technology area and am curious to hear other’s experiences in building on a platform, or deciding to go it alone.

From Deperimeterization to Borderless Networks

I’ve been embarrassed to see that it has been over a year since my last post on this blog. So why the long delay? Quite honestly my work has been so internally focused within Cisco that there wouldn’t have been much I could say. But as I sit on a plane heading to Networkers (oops I mean Cisco Live!) it seems an appropriate time to reflect on what’s been going on in the land of IT and IT security. I’m spending a lot more time with customers now and I think there are a few conversations worth having on this blog.

When I returned to Cisco in the fall of 2008 I was asked to look into a trend that had troubled many folks: known at the time as “deperimeterization.” The Jericho Forum had coined the term and it struck fear into the hearts of many in the network security industry as it spelled a potential end to rich network security services and pointed towards a world of open and insecure networks interconnecting smart endpoints with security only at the application level.

My investigation into deperimeterization quickly expanded into a look at four interconnected trends: desktop virtualization, software-as-a-service, cloud computing, and IT consumerization. In the 18 months since my initial research these trends have gone from niche issues among a small group of strategists to mainstream concerns that need no explanation.

And what of deperimeterization? Cisco determined that the trend was real but instead of pointing towards open and dumb networks it actually pointed to even more sophisticated networks to enable the interconnection of the myriad devices that need to connect and collaborate. What are these devices’ sole point of commonality? Not their OS; Microsoft’s hegemony on the endpoint will continue to wane as traditional desktop PCs give way to a variety of different computing devices focused on all sorts of vertical applications and use cases. This new crop of devices will run different hardware, software, and not all devices will even have a human operator.

The only thing these devices have in common is that all will have a TCP/IP stack and will make use of a common network. This makes the network the natural architectural choice for the delivery of services across this diverse set of endpoints. Cisco has marshaled enormous resources behind this trend and has named it Borderless Networks. There is much more to say about all of this but I figured Cisco Live is as good a place as any to start the conversation.