China Roundup: Enterprise tech gets a lasting boost from coronavirus outbreak

/0 Comments/in /by

Hello and welcome back to TechCrunch’s China Roundup, a digest of recent events shaping the Chinese tech landscape and what they mean to people in the rest of the world. This week, a post from Sequoia Capital sounding the alarm of the coronavirus’s impact on businesses is reaching far corners of tech communities around the world, including China.

Many echo Sequoia’s observation that the companies that are the “most adaptable” are the likeliest to survive. Others cling to the hope of “[turning] a challenging situation into an opportunity to set yourself up for enduring success.”

Two weeks ago I wrote about how the private sector and the government in China are working together to contain the epidemic, bringing a temporary boost to the technology industry. This week I asked a number of investors and founders which of these changes will stand to last, and why.

B2B on the rise

The business-to-business (B2B) space was rarely a hot topic in China until online consumer businesses became relatively saturated in recent times. And now, the COVID-19 epidemic has unexpectedly breathed life into the once-boring field, which stretches from virtual meetings, online education, digital healthcare, cybersecurity, telecommunications, logistics to smart cities, analysis from investment firm Yunqi Partners shows.

For one, there is an obvious opportunity for remote collaboration tools as people work from home. Downloads of indigenous work apps like Dingtalk, WeChat Work, TikTok’s sister Lark as well as America’s Zoom jumped exponentially amid the health crisis. While some argue that the boom is overblown and will dissipate as soon as businesses are back to normal, others suggest that the shift in behavior will endure.

Like other work collaboration services, Zoom soared in China amid the coronavirus outbreak, jumping from No. 180 in late January to No. 28 as of late February in overall app installs. Data: App Annie 

“People are reluctant to change once they form a new habit,” suggests Joe Chan, partner at Hong Kong-based Mindworks Ventures. The virus outbreak, he believes, has educated the Chinese masses to work remotely.

“Meeting in person and through Zoom both have their own merits, depending on the social norm. Some people are used to thinking that relationships need to be established through face-to-face encounters, but those who don’t hold that view will have fewer meetings. [The epidemic] presents a chance for a paradigm shift.”

But changes are slow

Growth in enterprise businesses might be less visible than what China witnessed over the SARS epidemic that fueled internet consumer verticals such as ecommerce. That’s because software-as-a-services (SaaS), cloud computing, health tech, logistics and other enterprise-facing services are intangible for most consumers.

“Compared to changes in consumer behavior, the adoption of new technologies by enterprises happen at a slower pace, so the impact of coronavirus on new-generation innovations [B2B] won’t come as rapidly and thoroughly as what happened during SARS,” contended Jake Xie, vice president of investment at China Growth Capital.

Xie further suggested that the opportunities presented by the outbreak are reserved for companies that have been steadily investing in the field, in part because enterprise services have a longer life cycle and require more capital-intensive infrastructure. “Opportunists don’t stand a chance,” he concluded.

As for changing consumer behavior, such as the uptick in grocery delivery usage by seniors trapped indoors, the impact might be short-lived. “The only benefit that the epidemic brings to these apps is getting more people to try their services. But how many of them will stay? The argument that people will keep using these apps over concerns of getting sick in offline markets is unsubstantiated. The strength of a business lies in its ability to solve user problems in the long term, for example, providing affordability and convenience,” suggested Derek Shen, chairman of Danke Apartment, the Chinese co-living startup slated to list on NYSE.

Summoned by Beijing

The adjacent sector of enterprise services — at-scale technologies tailored to energizing government functions — has also seen traction over the course of the epidemic. Private firms in China have teamed up with regional authorities to better track people’s movements, ramp up facial recognition capacities aimed at a mask-wearing public, develop contact-free consumer experience, among other measures.

Tech firms touting services to the government are no stranger to criticisms concerning the lack of transparency in how user data is used. But the appeal to private firms is huge, not only because state contracts tend to provide a steady stream of long-term revenue, but also that certain public-facing projects can be billed as a fulfillment of corporate social responsibilities. Following the virus outbreak, Chinese tech companies of all sizes hastened to offer contributions, with efforts ranging from making monetary donations to building tools that keep the public informed.

On the flip side, the government also needs private help in emergency management. As prominent Chinese historian Luo Xin poignantly pointed out in podcast SurplusValue’s recent episode [1:00:00], some of the most efficient and effective responses to the public health crisis came not from the government but the private sector, whether it is online retailer JD.com or logistics firm SF Express delivering relief supplies to the epicenter of the outbreak.

That said, Luo argued there are signs that some local authorities’ tendency to centralize control is getting in the way of private efforts. For example, some government offices have stumbled in their attempts to develop crisis management systems from scratch, overlooking a pool of readily available and proven infrastructure powered by the country’s tech giants.

U.S. Govt. Makes it Harder to Get .Gov Domains

/0 Comments/in /by

The federal agency in charge of issuing .gov domain names is enacting new requirements for validating the identity of people requesting them. The additional measures come less than four months after KrebsOnSecurity published research suggesting it was relatively easy for just about anyone to get their very own .gov domain.

In November’s piece It’s Way Too Easy to Get a .gov Domain Name, an anonymous source detailed how he obtained one by impersonating an official at a small town in Rhode Island that didn’t already have its own .gov.

“I had to [fill out] ‘an official authorization form,’ which basically just lists your admin, tech guy, and billing guy,” the source said. “Also, it needs to be printed on ‘official letterhead,’ which of course can be easily forged just by Googling a document from said municipality. Then you either mail or fax it in. After that, they send account creation links to all the contacts.”

While what my source did was technically wire fraud (obtaining something of value via the Internet through false pretenses), cybercriminals bent on using fake .gov domains to hoodwink Americans likely would not be deterred by such concerns.

“I never said it was legal, just that it was easy,” the source told KrebsOnSecurity. “I assumed there would be at least ID verification. The deepest research I needed to do was Yellow Pages records.”

Now, Uncle Sam says in a few days all new .gov domain applications will include an additional authorization step.

“Effective on March 10, 2020, the DotGov Program will begin requiring notarized signatures on all authorization letters when submitting a request for a new .gov domain,” reads a notice published March 5 by the U.S. General Services Administration, which overseas the .gov space.

“This is a necessary security enhancement to prevent mail and wire fraud through signature forgery in obtaining a .gov domain,” the statement continues. “This step will help maintain the integrity of .gov and ensure that .gov domains continue to be issued only to official U.S. government organizations.”

The GSA didn’t say whether it was putting in place any other safeguards, such as more manual verification of .gov domain applications. It certainly hadn’t followed up on the fraudulent application from my source before granting him the .gov domain name he sought (exeterri[.]gov). The GSA only did that four days after I asked them for comment, and approximately 10 days after they’d already granted the phony domain request.

“GSA is working with the appropriate authorities and has already implemented additional fraud prevention controls,” the agency said in a written statement at the time, without elaborating on what those additional controls might be.

But I’m left to wonder: If I’m a bad guy who’s willing to forge someone’s signature and letterhead in a fraudulent application for a .gov domain, why wouldn’t I also be willing to fake a notarization? Especially when there are plenty of services in the cybercrime underground that specialize in spoofing these phony attestations for a small fee.

“This is a classic case of ‘we must do something’ and this is certainly something,” said John Levine, a domain name expert, consultant and author of the book The Internet for Dummies.

Levine said it would not be terribly difficult for the GSA to do a slightly more thorough job of validating .gov domain requests, but that some manual verification probably would be required. Still, he said, it’s not clear how big a threat fake .gov domains really are.

“As far as we know, only one person tried to fake a .gov,” Levine said. “Maybe this is good enough?”

The Cybersecurity and Infrastructure Security Agency, a division of the U.S. Department of Homeland Security, has argued that more needs to be done to secure the .gov domain space, and is making a play to wrest control over the process from the GSA.

The DOTGOV bill, introduced in October 2019, would “ensure that only authorized users obtain a .gov domain, and proactively validate existing .gov holders,” according to a statement CISA shared with this author last year.

The Good, the Bad and the Ugly in Cybersecurity – Week 10

/0 Comments/in /by

The Good

International crime rings are responsible for the worst type of criminal activities. Perhaps the most hideous of these is Child Sexual Exploitation and Abuse. The internet in general, and the dark web in particular, has allowed the “consumers” (pedophiles, sex offenders) and the “producers” to interact in a stealthy manner, and to escape the long hand of law enforcement agencies. Moreover, since these crimes involve multiple geographies it was assumed that the chances of perpetrators being caught and brought to justice were slim. That’s why we are so pleased to hear that member states of the “Five Eyes” (Australia, Canada, New Zealand, the UK, and the US ) and six major tech firms (Facebook, Google, Microsoft, Roblox, Snap and Twitter) are working together to combat online child exploitation and abuse. This week, the tech firms signed up to implementing a new framework, published in the document “Voluntary Principles to Counter Online Child Sexual Exploitation and Abuse”, across all their platforms.

The framework consists of 11 principles grouped into seven categories; together, they aim to reduce the potential malicious use of social media and internet technologies to search for and distribute such materials. Cooperation between tech giants and law enforcement agencies is not trivial, and we hope it will foster an atmosphere of trust and information sharing that will have a substantial impact on reducing if not eliminating the very worst kind of all cyber crimes.   

image containing information about targeting live streaming from the framework document

Indeed, while international cooperation is imperative for fighting global criminal activities in general, alone it’s not enough. When it comes to battling cyber crime and offensive cyber activities, speed and knowledge sharing are of the essence. This is why Estonia, Lithuania, Croatia, Poland, the Netherlands and Romania have joined forces and agreed to create European Union Cyber Rapid Response Teams (CRRTs), led by Lithuania. The CRRT teams will be ready to intervene in the “neutralization and investigation of dangerous cyber incidents virtually or, if necessary, physically,” the Lithuanian Defense Ministry said in a press release. A great week for the good guys.

The Bad

It is almost two years since the introduction of GDPR (May 2018), but it seems that some companies have yet to grasp the full damage resulting from data breaches. The regulation was intended to improve the state of data security and privacy, but judging by recent events, it seems that companies still need more time to implement the right safeguards or that they have chosen to simply pay the associated fines instead of achieving high levels of security to prevent such breaches. Carrier T-Mobile has announced a data breach that exposed personal and financial information of some of its customers. The breach was caused by an email vendor being hacked, and the data leak contained social security numbers, financial information, government ID numbers, billing information, and rate plans. Affected customers were informed via text message.

image of text message alert from T-Mobile to customers stating that a data breach had occurred

This is not the first time T-Mobile has suffered such an incident. The previous one happened less than 2 years ago. Not to be outdone, the British media giant Virgin Media has announced that a massive database, containing the personal details of 900,000 people, was left unsecured and accessible online for 10 months. During this time, it was accessed at least once. Not that it took any hacking skills to do it; the company admits that the database was not protected due to human error which led to “misconfiguration”. It was compiled for marketing purposes and contained phone numbers, home and email addresses.

The Ugly

The world seems to be in turmoil nowadays, with more and more countries entering the “Corona Impact Zone”. As if that wasn’t bad enough, there will always be people who try to capitalize from the situation. And where best to test and gain from this epidemic than in Italy, the country hit the hardest (so far) outside of Asia.

A recent malware campaign reached about 10% of all the organizations in Italy by disguising a malicious attachment as an official document by the World Health Organization containing all the necessary precautions to take against coronavirus infection.

image of request from MS Office to enable macros Source

Opening the document results in a request to “Enable Editing” and “Enable Content”. If granted, the TrickBot banking trojan installs itself on the user’s machine. It is yet another example of how cybercriminals will cynically exploit whatever opportunity comes their way. The good news is that unlike the actual virus, this pest can easily be avoided by practicing good cyber hygiene.

Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

SaaStr postpones annual conference as county officials discourage large gatherings

/0 Comments/in /by

SaaStr, the venture firm that puts on the largest conference for SaaS companies, postponed its SaaStr Annual 2020 conference today amid concerns from local and national officials around large gatherings in light of the COVID-19 virus. The event was scheduled to take place next week.

On March 5th, Santa Clara County issued updated guidelines that included, “[Minimizing] the number of employees working within arm’s length of one another, including minimizing or canceling large in-person meetings and conferences.”

Company founder Jason Lemkin said his team was prepared to go forward and had put stringent safeguards in place. “We put in place health and safety measures no one else in the industry equaled, but once the County made its statement, we needed to reschedule,” he told TechCrunch.

They outlined the health guidelines for the event in an article on the company website earlier this week, including not allowing anyone from a hot zone to attend, passport checks to enforce that, temperature checks and more. As Lemkin tweeted:

The event will now be folded into the company’s fall conference, which they say will be even bigger now, while replacing the company’s annual Scale conference. “Following that [guidance from Santa Clara County] and guidance from the CDC, and the growing escalation of the Covid-19 outbreak around the world and in the United States, SaaStr Annual must now be rescheduled and merged with our existing fall event into a new, less formal ‘SaaStr Bi-Annual’ to take place in September 2020,” the company wrote in a statement.

Lemkin expressed frustration with authorities today on Twitter about the lack of leadership on this:

The event included some of the biggest names in SaaS, from Jennifer Tejada of PagerDuty and Aaron Levie of Box and many more. It’s an event that’s designed to help SaaS companies of all sizes discuss the issues facing them, in one place, with panels, interviews and sessions. Many other tech conferences are being cancelled as well, including SXSW.

What to consider when employees need to start working remotely

/0 Comments/in /by

The COVID-19 crisis is touching all aspects of society, including how we work. In response, many companies are considering asking some percentage of their workforce to work remotely until the crisis abates.

If your organization doesn’t have a great deal of experience with remote work, there are a number of key things to think about as you set up a program. You are going to be under time constraints when it comes to enacting an action plan, so think about ways to leverage the tools, procedures and technologies you already have in place. You won’t have the luxury of conducting a six-month study.

We spoke to a few people who have been looking at the remote working space for more than a decade and asked about the issues companies should bear in mind when a large number of employees suddenly need to work from home.

The lay of the land

Alan Lepofsky, currently VP of Salesforce Quip, has studied the remote work market for more than a decade. He says there are three main pieces to building a remote working strategy. First, managers need to evaluate which tools they’ll be using to allow employees to continue collaborating when they aren’t together.

Oribi brings its web analytics platform to the US

/0 Comments/in /by

Oribi, an Israeli startup promising to democratize web analytics, is now launching in the United States.

While we’ve written about a wide range of new or new-ish analytics companies, founder and CEO Iris Shoor said that most of them aren’t built for Oribi’s customers.

“A lot of companies are more focused on the high end,” Shoor told me. “Usually these solutions are very much based on a lot of technical resources and integrations — these are the Mixpanels and Heap Analytics and Adobe Marketing Clouds.”

She said that Oribi, on the other hand, is designed for small and medium businesses that don’t have large technical teams: “They have digital marketing strategies that are worth a few hundred thousand dollars a month, they have very large activity, but they don’t have a team for it. And I would say that all of them are using Google Analytics.”

Shoor described Oribi as designed specifically “to compete with Google Analytics” by allowing everyone on the team to get the data they need without requiring developers to write new code for every event they want to track.

Event Correlations

In fact, if you use Oribi’s plugins for platforms like WordPress and Shopify, there’s no coding at all involved in the process. Apparently, that’s because Oribi is already tracking every major event in the customer journey. It also allows the team to define the conversion goals that they want to focus on — again, with no coding required.

Shoor contrasted Oribi with analytics platforms that simply provide “more and more data” but don’t help customers understand what to do with that data.

“We’ve created something that is much more clean,” she said. “We give them insights of what’s working; in the background, we create all these different queries and correlations about which part of the funnels are broken and where they can optimize.”

There are big businesses using Oribi already — including Audi, Sony and Crowne Plaza — but the company is now turning its attention to U.S. customers. Shoor said Oribi isn’t opening an office in the United States right away, but there are plans to do so in the next year.

When and how to build out your data science team

COVID-19 Outbreak | Employees Working from Home? It’s Time to Prepare

/0 Comments/in /by

Don’t Let Security Be A Casualty of Supporting Remote Workers

The Covid-19 (novel Coronavirus) outbreak is having a major impact on businesses this quarter and, by all accounts, is set to be a major challenge for enterprise throughout the rest of the financial year. The US CDC (Center for Disease Control) hinted that it may be necessary to implement “social distancing measures”. At present, its official advice is that employees with symptoms should be encouraged to telework where possible and companies should prepare to have “the information technology and infrastructure needed to support multiple employees” working from home. Some large enterprises, IBM, Goldman Sachs, PwC, and Twitter among them have already gone a step further and preemptively instructed all employees to work remotely where possible. 

In providing the infrastructure and support for large-scale teleworking, organizations need to prepare themselves and their employees for the increased cyber security risks such a shift can bring. In this post, we outline some of the challenges and best practices for staff suddenly faced with a transition from office-based work to remote work.

Physical Security of Company Devices

First of all, it’s important to note that just because employees won’t be working from the office doesn’t mean they won’t travel or work in public places. When doing so, employees are exposing themselves to a greater risk of losing their laptops and all the data that resides locally.

Do – Ensure all devices that support it use full disk encryption. If a machine is lost, the data on the device should not be accessible to thieves.

Do – Implement robust password management for laptop access. All accounts on the device should require unique login credentials, and where practical user accounts should be restricted to non-Admin privileges.

Do – Remind employees to log out whenever the system is not in use, even at home. Screensavers should also require a password. Encourage employees to remember and use handy keyboard shortcuts like Win-L (Windows) and  Ctl-Cmd-Q (Mac) to quickly lock the screen whenever they step away from the computer.

Do – Remind staff of the necessity of basic security practices, such as ensuring that they don’t leave company property unattended in public places. Remind your employees not to be that Starbucks customer who goes to the counter for a refill while leaving an open laptop on the table. When working on the laptop in a public place, staff always need to be aware of those around them.

Access To Company Networks

When accessing corporate networks remotely, there is a higher risk of unauthorized access and data leakage. Employees may engage in behavior they never would do at the office, such as sharing a device with other family members or using the same device for both personal and work activities. In addition, the use of Home ISPs and public Wifi services present an attack surface that is outside of your IT or security team’s control. 

Do – Use a VPN to connect remote workers to enterprise networks and servers. A virtual private network provides a direct connection as if the remote device were connected to the organization’s LAN. The encrypted communications cannot be spied upon by the user’s home ISP and can prevent a ‘man-in-the-middle’ type attack.

Do – Implement a 2FA or MFA mechanism for logging in to the company network. Short-time code generators like Google and Microsoft Authenticator should be in use wherever possible to minimize the risk of compromise through credential theft or phishing.

Do – Remind staff that a laptop used at home is still company property and should only be used by authorized personnel for company business. Any non-work related activity should be conducted on the employee’s own devices.

Authorizing Financial Transactions

The biggest financial losses due to cyber crime occur through Business Email Compromise (BEC/EAC), where attackers take over or spoof the account of a senior manager or executive, and use that account to instruct another member of staff via email to make a wire transfer to an overseas account, usually on the pretext of paying a phoney invoice. An increased number of staff working remotely presents an opportunity for BEC fraud, as the whole scam relies on communications that are never confirmed in person.

Do – Restrict the number of people authorized to conduct new, overseas wire transfers, and ensure that all new requests are subject to secondary confirmation. 

Do – Make use of teleconferencing technology (Skype, Zoom, and similar) to ensure that financial transactions are actually coming from a legitimate, senior member of staff. 

Susceptibility to Phishing Campaigns

Phishing campaigns are a threat for all employees whether they are based in-house or remote, but for workers who are unused to working ‘home alone’ and are now dealing with an increase in email and other text-based communications, it can be easier for them to lose perspective on what is genuine and what is a scam. In particular, with a rise in malspam playing exactly on fears of Coronavirus from the “usual suspects” like Emotet and TrickBot, remote workers need to be extra-vigilant.

Do – Train staff to habitually inspect links before clicking by hovering over them with the pointer to see the actual URL destination.

Do – Train staff to deny requests to enable Macros when opening email attachments. Ideally, use an advanced EPP/EDR security solution that can enforce a policy to prevent Macro execution or block malicious content if it is executed by the user. CDR (Content Disarm and Reconstruction) software can also help protect against exploits and weaponized content in emails and other external sources.

Protecting Endpoints From Malware

Unlike the desktop computers in your office, which likely never connect to any other network than the company intranet, portable devices like laptops and smartphones used by remote workers can have a history of network promiscuity. If such devices are unprotected, you never really know where they have been, what they have been connected to, what peripheral devices have been plugged into them or what processes they are running. All the measures mentioned above won’t prevent a network breach if a user with an infected device logs on to the corporate network.

Do – Protect all your endpoints with a trusted, next-gen security solution that acts locally on the device itself and does not require cloud connectivity.

Do – Protect your endpoints by enforcing device control that gives you the capability to manage the use of USB and other peripheral devices across all your endpoints.

Do – Ensure you have visibility across your entire network so that you can detect unprotected devices and receive notifications of anomalous behavior.

Conclusion

Telework or telecommuting need not impact employee productivity or security, and many organizations will have some experience of supporting remote work at some scale. The challenge presented by the ongoing Covid-19 outbreak is that your organization could have to support a rapid, large-scale shift to remote work, involving employees who are typically office-based and not used to the different demands that working from home can bring. When routines get upset, security is often an early casualty. Make sure your employees understand and are prepared for the additional security challenges of remote work if they are requested or required to work from home during the current health emergency.

Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

$75M legal startup Atrium shuts down, lays off 100

/0 Comments/in /by

Justin Kan’s hybrid legal software and law firm startup Atrium is shutting down today after failing to figure out how to deliver better efficiency than a traditional law firm, the CEO tells TechCrunch exclusively. The startup has now laid off all its employees, which totaled just over 100. It will return some of its $75.5 million in funding to investors, including Series B lead Andreessen Horowitz. The separate Atrium law firm will continue to operate.

“I’m really grateful to the customers and the team members who came along with me and our investors. It’s unfortunate that this wasn’t the outcome that we wanted but we’re thankful to everyone that came with us on the journey,” said Kan. He’d previously founded Justin.tv, which pivoted to become Twitch and later sold to Amazon for $970 million. “We decided to call it and wind down the startup operations. There will be some capital returned to investors post wind-down,” Kan told me.

Atrium had attempted a pivot back in January, laying off its in-house lawyers to become a more pure software startup with better margins. Some of its lawyers formed a separate standalone legal firm and took on former Atrium clients. But Kan tells me that it was tough to regain momentum coming out of that change, which some Atrium customers tell me felt chaotic and left them unsure of their legal representation.

More layoffs quietly ensued as divisions connected to those lawyers were eliminated. But trying to build software for third-party lawyers, many of whom have entrenched processes and older leadership, proved difficult. The streamlined workflows may not have seemed worth the thrash of adopting new technology.

“If you look at our original business model with the verticalized law firm, a lot of these companies that have this kind of full stack model are not going to survive,” Kan explained. “A lot of these companies, Atrium included, did not figure out how to make a dent in operational efficiency.”

[Update 3/4 5:15pm pacific: Kan has now publicly announced the shut down.]

Disrupting law firms proves difficult

Founded in 2017, Atrium built software for startups to navigate fundraising, hiring, acquisition deals and collaboration with their legal team. Atrium also offered in-house lawyers that could provide counsel and best practices in these matters. The idea was that the collaboration software would make its lawyers more efficient than a traditional law firm so they could get work done faster, translating to savings for clients and Atrium.

Atrium’s software included Records, a Dropbox-esque system for keeping track of legal documents, and Hiring, which instantly generated employment offer letters based on details punched into a form while keeping track of signatures. The startup hoped it could prevent clients and lawyers from wasting time digging through email chains or missing a sign-off that could put them in legal jeopardy.

The company tried to generate client leads by hosting fundraising workshops for startups, starring Kan and his stories from growing Twitch. A charismatic leader with a near-billion-dollar exit under his belt, investors and founders alike were quick to buy into Kan’s vision and advice. Startups saw Atrium as an ally with industry expertise that could help them avoid dirty term sheets or botched hires.

But keeping a large squad of lawyers on staff proved costly. Atrium priced packages of its software and legal assistance under subscriptions, with momentous deals like acquisitions incurring add-on fees. The model relied less on milking clients with steep hourly rates measured down to six-minute increments like most law firms.

Yet eliminating the busywork for lawyers through its software didn’t materialize into bountiful profits. The pivot sought to create a professional services network where Atrium could route clients to attorneys. The layoffs had shaken faith in the startup as clients demanded stability, lest they be caught without counsel at a tough time.

Rather than trudge on, Kan decided to fold the company. The standalone Atrium law firm will continue to operate under partners Michel Narganes and Matthew Melville, but the startup developing legal software is done.

Atrium’s implosion could send ripples through the legal tech scene, and push other entrepreneurs to start with a more focused software-only approach.

Zendesk’s latest tools designed to give fuller view of the customer

/0 Comments/in /by

Like many technology companies, Zendesk made the tough decision to cancel its Zendesk Relate customer conference this week in Miami amid COVID-19 health concerns. That doesn’t mean the announcements didn’t happen though, even if the conference didn’t, and today the company announced a major update to its Sunshine development platform.

You may recall that the company, which is widely known for its help desk software, made the move to CRM when it acquired Base in September 2018. A little later that year, it announced the Sunshine platform, which customers could use to build applications on top of the Zendesk platform.

It has been working to integrate the CRM tool more broadly into the platform, and today’s announcement is about giving Zendesk users a broader view of its customers. Zendesk has a great amount of data at its disposal about the customer’s likes and dislikes based on interactions with the help desk side of the house, and Zendesk CEO Mikkel Svane sees the two sides being interconnected. At the same time, he’s embracing the idea of this all taking place in the public cloud on AWS.

“Our vision is really to have all the components, all the infrastructure, all the business logic that you need to build a customer experience, and customer relationship management applications, all on the Sunshine platform, all living natively on AWS,” Svane told TechCrunch.

All of this is in service of giving customers a better experience based on what you know about them. He said that the goal today is to retain and satisfy the customer, and the platform is designed to give them the data they need to help do that.

“In the old days, you went out and you bought a product, and that was kind of the end of the transaction. Today, through the convenience economy, through the subscription economy, it’s more about your long-term engagement with a vendor,” he explained.

He sees the platform helping pull all of this data together, while recognizing and acknowledging the challenges involved here. In fact, he is reluctant to call it a complete picture, calling that a false narrative other vendors are putting out.

“We do want to help our customers extract all the relevant information and to try and create a picture that is helpful across all these different channels, but we also know that the reality of it is that you have so many disparate systems right now,” he said.

He sees his platform with the engagement data on one side and the customer record on the other as a good starting point for this. “I think there’s a lot you can do to collect a lot of information and have an abstraction layer, and that’s what we try to do with Sunshine. We want to have an abstraction layer where you start working and seeing all of this data to get insights into your customer. And I think that’s much better start.”

Zendesk expands into CRM with Base acquisition

Netlify nabs $53M Series C as microservices approach to web development grows

/0 Comments/in /by

Netlify, the startup that wants to kill the web server and change the way developers build websites, announced a $53 million Series C today.

EQT Ventures Fund led the round with contributions from existing investors Andreessen Horowitz and Kleiner Perkins and newcomer Preston-Werner Ventures. Under the terms of the deal Laura Yao, deal partner and investment advisor at EQT Ventures will be joining the Netlify board. The startup has now raised $97 million, according to the company.

Like many startups recently, Netlify’s co-founder Chris Bach says they weren’t looking for new funding, but felt with the company growing rapidly, it would be prudent to take the money to help continue that growth.

While Bach and CEO Matt Biilmann didn’t want to discuss valuation, they said it was “very generous” and in line with how they see their business. Neither did they want to disclose specific revenue figures, but did say that the company has tripled revenue three years running.

One thing fueling that growth is the sheer number of developers joining the platform. When we spoke to the company for its Series B in 2018, it had 300,000 sign-ups. Today that number has ballooned to 800,000.

As we wrote about the company in a 2018 article, it wants to change the way people develop web sites:

“Netlify has abstracted away the concept of a web server, which it says is slow to deploy and hard to secure and scale. By shifting from a monolithic website to a static front end with back-end microservices, it believes it can solve security and scaling issues and deliver the site much faster.”

While developer popularity is a good starting point, getting larger customers on board is the ultimate goal that will drive more revenue, and the company wants to use its new injection of capital to build the enterprise side of the business. Current enterprise customers include Google, Facebook, Citrix and Unilever.

Netlify has grown from 38 to 97 employees since the beginning of last year and hopes to reach 180 by year’s end.

Netlify just got $30 million to change the way developers build websites