Should you hire an in-house designer or a contractor?

Editor’s note: This post is a part of our latest initiative to demystify design and find the best brand designers and agencies in the world who work with early-stage companies — nominate a talented brand designer you’ve worked with.

During a decade as the manager of the in-house design team at open-source technology company Red Hat, Chris Grams learned that brand design is best when informed by a company’s culture and community.

He felt a natural push toward an open, collaborative attitude, distinct from how many companies approached design at that time. It was the early 2000s, and most companies saw their interactions with customers as a one-way street. In open source, it was an intersection.

“You almost break down the company and the community of people who surround the brand,” says Grams, currently head of marketing at Tidelift, an open-source software management firm, and author of The Ad-Free Brand. “Now it feels like pretty standard operating procedure for the best brands that have the best relationship with their communities.”

This shift has a large influence on the question of when you should hire an in-house designer versus a contractor to do your branding design.

Three reasons to go in-house

After leaving Red Hat in 2009, Grams helped start New Kind, a branding agency that provides contract design services mostly to tech companies. This new vantage point allowed him to see drawbacks and advantages for companies in outsourcing design versus bringing it in-house.

One of the key benefits of in-housing is the designer’s intimacy with the deeply held values and culture of the company, which makes their branding work feel more authentic.

“The internal agency’s power really reveals itself when people are deeply part of the mission of the company,” says Grams. “It comes through in the work. You get an amazing work product.”

The second benefit, especially for tech companies, is the depth of understanding in-house designers can develop about the company’s products and services. And the third is that a dedicated in-house designer can be directed as needed to respond to pressing priorities.

“You can have them stop on a dime,” says Grams. “Say a competitor comes out with a big launch and you need to have something out within 24 hours. You can work on it right away.”

These are real benefits, but they may not outweigh the advantages of contracting out your design to a high-quality agency.

The benefits of using an agency

A major benefit of an agency is that you can hire people with a level of expertise and variety of skills that would be out of reach for an in-house team. When Grams was at New Kind, for example, “we had a combined 30 years of experience with open-source branding work,” he says.

An agency can also provide the bandwidth to take on non-priority tasks such as a rebrand or a special series that in-house teams are often too work-strapped to take on.

Hiring an agency also has advantages in terms of flexibility and cost. The ability to customize the timing and amount of design work to your needs can be less expensive over time, even if each working hour is more expensive.

“You can ramp down and ramp up with an agency,” says Grams. “It’s impossible to do that with people… You’re paying that extra margin to have that flexibility.”

There’s a lot to think about, but Grams advises prioritizing the need for your design to be authentic to your culture… or not.

“I think the biggest thing is the power of your culture, frankly,” says Grams. “If you have a company where culture is not an asset, I would not build an in-house design team… But if you’re building a mission-driven organization or an organization where culture is super important, that’s where I would take an extra-long look at building an internal agency.”

Let’s block ads! (Why?)

Link to original source

Tetrate nets $12.5 million to bring microservices to the corporate masses

Tetrate, a company bringing commercial services and support to the open source projects –Istio and Envoy — providing network management functions for the microservices that make up modern mobile applications, has launched with $12.5 million in new financing.

The company, founded by top engineers at Google who started the Istio project, raised its initial financing from a slew of institutions and big names in enterprise software including Pankaj Patel, Former Chief Development Officer at Cisco; Guido Appenzeller, Former CTO Cloud & Networking at VMware; BV Jagadeesh, founder and CEO of Netscaler and Shiva Rajaraman, Chief Product Officer of WeWork.

On the institutional investment side, Dell Technologies Capital led the financing, which also included Intel Capital, Samsung NEXT, 8VC, and Rain Capital.

Tetrate was able to bring this motley band of investors together to back its foray into professionalizing services and support around a toolkit that’s helping to redefine application development.

The company is supporting open source projects Istio and Envoy, which developers use to create what’s called a “service mesh” that orchestrates how microservices on a distributed data center platform communicate with one another and work together as part of an application.

It’s corollary in the old software world that I initially wrote about would be the middleware layer for in a client-server architecture. (Much of this was foreign to me before I read this excellent primer from ZDNet, which spelled out a lot of what’s going on for me).

One of the key things that microservices address, and that Tetrate will provide support for, is to support the management of different microservices at scale.

Think of the service mesh as the toolkit that keeps microservices communicating with each other and enabling applications at the level of executable code. So tools like Istio are used to manage the network without impacting the services that are running on top of it.

Tetrate was actually founded by some of the architects behind the development of Istio. “I was at Google for the last ten years most recently working as a product manager in Google Cloud,” says Tetrate co-founder and chief executive Varun Talwar. Indeed, Google was where Talwar and his colleagues developed the Istio toolkit.

Talwar says that the Istio toolkit was born out of the needs of the developers in the Kubernetes community. “It decouples the operations from the development,” Talwar says of the Istio service. “You can apply policy management.”

Talwar and his colleagues took the covers off the Istio project in May of 2017 at Glucon and brought in big names to support its use including IBM and Red Hat (now IBHat? RedBM?). A little less than one year later, Talwar left Google to start Tetrate.

Now, with the new financing from its backers, Tetrate is going to bring enterprise-grade extensibility, scalability, and performance to the open source tools that its founders helped develop, according to a statement.

“Customers are going through a journey of modernization and public cloud adoption,” said Talwar, in a statement. “Tetrate’s mission is to create the tools and technologies that help customers with availability and manageability of their applications as they undergo this transformation.”

The company is releasing a set of certified builds of envoy proxy and other open source tools to speed the adoption of microservices development in businesses. The company is also partnering with Google and the Cloud Native Computing Foundation for operating hybrid computing environments with Istio.

“Open source should be an integral part of any company’s software and operations strategy today,” said Envoy founder and Lyft Engineer Matt Klein, in a statement. “Interoperability will be the key factor in the next phase of cloud adoption, so having deep roots within the open source community gives Tetrate instant credibility among cloud-first companies.”

Let’s block ads! (Why?)

Link to original source

Google and IBM still trying desperately to move cloud market share needle

When it comes to the cloud market, there are few known knowns. For instance, we know that AWS is the market leader with around 32 percent of market share. We know Microsoft is far back in second place with around 14 percent, the only other company in double digits. We also know that IBM and Google are wallowing in third or fourth place, depending on whose numbers you look at, stuck in single digits. The market keeps expanding, but these two major companies never seem to get a much bigger piece of the pie.

Neither company is satisfied with that, of course. Google so much so that it moved on from Diane Greene at the end of last year, bringing in Oracle veteran Thomas Kurian to lead the division out of the doldrums. Meanwhile, IBM made an even bigger splash, plucking Red Hat from the market for $34 billion in October.

This week, the two companies made some more noise, letting the cloud market know that they are not ceding the market to anyone. For IBM, which is holding its big IBM Think conference this week in San Francisco, it involved opening up Watson to competitor clouds. For a company like IBM, this was a huge move, akin to when Microsoft started building apps for iOS. It was an acknowledgement that working across platforms matters, and that if you want to gain market share, you had better start thinking outside the box.

While becoming cross-platform compatible isn’t exactly a radical notion in general, it most certainly is for a company like IBM, which if it had its druthers and a bit more market share, would probably have been content to maintain the status quo. But if the majority of your customers are pursuing a multi-cloud strategy, it might be a good idea for you to jump on the bandwagon — and that’s precisely what IBM has done by opening up access to Watson across clouds in this fashion.

Clearly buying Red Hat was about a hybrid cloud play, and if IBM is serious about that approach, and for $34 billion, it had better be — it would have to walk the walk, not just talk the talk. As IBM Watson CTO and chief architect Ruchir Puri told my colleague Frederic Lardinois about the move, “It’s in these hybrid environments, they’ve got multiple cloud implementations, they have data in their private cloud as well. They have been struggling because the providers of AI have been trying to lock them into a particular implementation that is not suitable to this hybrid cloud environment.” This plays right into the Red Hat strategy, and I’m betting you’ll see more of this approach in other parts of the product line from IBM this year. (Google also acknowledged this when it announced a hybrid strategy of its own last year.)

Meanwhile, Thomas Kurian had his coming-out party at the Goldman Sachs Technology and Internet Conference in San Francisco earlier today. Bloomberg reports that he announced a plan to increase the number of salespeople and train them to understand specific verticals, ripping a page straight from the playbook of his former employer, Oracle.

He suggested that his company would be more aggressive in pursuing traditional enterprise customers, although I’m sure his predecessor, Diane Greene, wasn’t exactly sitting around counting on inbound marketing interest to grow sales. In fact, rumor had it that she wanted to pursue government contracts much more aggressively than the company was willing to do. Now it’s up to Kurian to grow sales. Of course, given that Google doesn’t report cloud revenue it’s hard to know what growth would look like, but perhaps if it has more success it will be more forthcoming.

As Bloomberg’s Shira Ovide tweeted today, it’s one thing to turn to the tried and true enterprise playbook, but that doesn’t mean that executing on that approach is going to be simple, or that Google will be successful in the end.

These two companies obviously desperately want to alter their cloud fortunes, which have been fairly dismal to this point. The moves announced today are clearly part of a broader strategy to move the market share needle, but whether they can or the market positions have long ago hardened remains to be seen.

Let’s block ads! (Why?)

Link to original source

How open source software took over the world

It was just 5 years ago that there was an ample dose of skepticism from investors about the viability of open source as a business model. The common thesis was that Redhat was a snowflake and that no other open source company would be significant in the software universe.

Fast forward to today and we’ve witnessed the growing excitement in the space: Redhat is being acquired by IBM for $32 billion (3x times its market cap from 2014); Mulesoft was acquired after going public for $6.5 billion; MongoDB is now worth north of $4 billion; Elastic’s IPO now values the company at $6 billion; and, through the merger of Cloudera and Hortonworks, a new company with a market cap north of $4 billion will emerge. In addition, there’s a growing cohort of impressive OSS companies working their way through the growth stages of their evolution: Confluent, HashiCorp, DataBricks, Kong, Cockroach Labs and many others. Given the relative multiples that Wall Street and private investors are assigning to these open source companies, it seems pretty clear that something special is happening.

So, why did this movement that once represented the bleeding edge of software become the hot place to be? There are a number of fundamental changes that have advanced open source businesses and their prospects in the market.

David Paul Morris/Bloomberg via Getty Images

From Open Source to Open Core to SaaS

The original open source projects were not really businesses, they were revolutions against the unfair profits that closed-source software companies were reaping. Microsoft, Oracle, SAP and others were extracting monopoly-like “rents” for software, which the top developers of the time didn’t believe was world class. So, beginning with the most broadly used components of software – operating systems and databases – progressive developers collaborated, often asynchronously, to author great pieces of software. Everyone could not only see the software in the open, but through a loosely-knit governance model, they added, improved and enhanced it.

The software was originally created by and for developers, which meant that at first it wasn’t the most user-friendly. But it was performant, robust and flexible. These merits gradually percolated across the software world and, over a decade, Linux became the second most popular OS for servers (next to Windows); MySQL mirrored that feat by eating away at Oracle’s dominance.

The first entrepreneurial ventures attempted to capitalize on this adoption by offering “enterprise-grade” support subscriptions for these software distributions. Redhat emerged the winner in the Linux race and MySQL (thecompany) for databases. These businesses had some obvious limitations – it was harder to monetize software with just support services, but the market size for OS’s and databases was so large that, in spite of more challenged business models, sizeable companies could be built.

The successful adoption of Linux and MySQL laid the foundation for the second generation of Open Source companies – the poster children of this generation were Cloudera and Hortonworks. These open source projects and businesses were fundamentally different from the first generation on two dimensions. First, the software was principally developed within an existing company and not by a broad, unaffiliated community (in the case of Hadoop, the software took shape within Yahoo!) . Second, these businesses were based on the model that only parts of software in the project were licensed for free, so they could charge customers for use of some of the software under a commercial license. The commercial aspects were specifically built for enterprise production use and thus easier to monetize. These companies, therefore, had the ability to capture more revenue even if the market for their product didn’t have quite as much appeal as operating systems and databases.

However, there were downsides to this second generation model of open source business. The first was that no company singularly held ‘moral authority’ over the software – and therefore the contenders competed for profits by offering increasing parts of their software for free. Second, these companies often balkanized the evolution of the software in an attempt to differentiate themselves. To make matters more difficult, these businesses were not built with a cloud service in mind. Therefore, cloud providers were able to use the open source software to create SaaS businesses of the same software base. Amazon’s EMR is a great example of this.

The latest evolution came when entrepreneurial developers grasped the business model challenges existent in the first two generations – Gen 1 and Gen 2 – of open source companies, and evolved the projects with two important elements. The first is that the open source software is now developed largely within the confines of businesses. Often, more than 90% of the lines of code in these projects are written by the employees of the company that commercialized the software. Second, these businesses offer their own software as a cloud service from very early on. In a sense, these are Open Core / Cloud service hybrid businesses with multiple pathways to monetize their product. By offering the products as SaaS, these businesses can interweave open source software with commercial software so customers no longer have to worry about which license they should be taking. Companies like Elastic, Mongo, and Confluent with services like Elastic Cloud, Confluent Cloud, and MongoDB Atlas are examples of this Gen 3.  The implications of this evolution are that open source software companies now have the opportunity to become the dominant business model for software infrastructure.

The Role of the Community

While the products of these Gen 3 companies are definitely more tightly controlled by the host companies, the open source community still plays a pivotal role in the creation and development of the open source projects. For one, the community still discovers the most innovative and relevant projects. They star the projects on Github, download the software in order to try it, and evangelize what they perceive to be the better project so that others can benefit from great software. Much like how a good blog post or a tweet spreads virally, great open source software leverages network effects. It is the community that is the source of promotion for that virality.

The community also ends up effectively being the “product manager” for these projects. It asks for enhancements and improvements; it points out the shortcomings of the software. The feature requests are not in a product requirements document, but on Github, comments threads and Hacker News. And, if an open source project diligently responds to the community, it will shape itself to the features and capabilities that developers want.

The community also acts as the QA department for open source software. It will identify bugs and shortcomings in the software; test 0.x versions diligently; and give the companies feedback on what is working or what is not.  The community will also reward great software with positive feedback, which will encourage broader use.

What has changed though, is that the community is not as involved as it used to be in the actual coding of the software projects. While that is a drawback relative to Gen 1 and Gen 2 companies, it is also one of the inevitable realities of the evolving business model.

Linus Torvalds was the designer of the open-source operating system Linux.

Rise of the Developer

It is also important to realize the increasing importance of the developer for these open source projects. The traditional go-to-market model of closed source software targeted IT as the purchasing center of software. While IT still plays a role, the real customers of open source are the developers who often discover the software, and then download and integrate it into the prototype versions of the projects that they are working on. Once “infected”by open source software, these projects work their way through the development cycles of organizations from design, to prototyping, to development, to integration and testing, to staging, and finally to production. By the time the open source software gets to production it is rarely, if ever, displaced. Fundamentally, the software is never “sold”; it is adopted by the developers who appreciate the software more because they can see it and use it themselves rather than being subject to it based on executive decisions.

In other words, open source software permeates itself through the true experts, and makes the selection process much more grassroots than it has ever been historically. The developers basically vote with their feet. This is in stark contrast to how software has traditionally been sold.

Virtues of the Open Source Business Model

The resulting business model of an open source company looks quite different than a traditional software business. First of all, the revenue line is different. Side-by-side, a closed source software company will generally be able to charge more per unit than an open source company. Even today, customers do have some level of resistance to paying a high price per unit for software that is theoretically “free.” But, even though open source software is lower cost per unit, it makes up the total market size by leveraging the elasticity in the market. When something is cheaper, more people buy it. That’s why open source companies have such massive and rapid adoption when they achieve product-market fit.

Another great advantage of open source companies is their far more efficient and viral go-to-market motion. The first and most obvious benefit is that a user is already a “customer” before she even pays for it. Because so much of the initial adoption of open source software comes from developers organically downloading and using the software, the companies themselves can often bypass both the marketing pitch and the proof-of-concept stage of the sales cycle. The sales pitch is more along the lines of, “you already use 500 instances of our software in your environment, wouldn’t you like to upgrade to the enterprise edition and get these additional features?”  This translates to much shorter sales cycles, the need for far fewer sales engineers per account executive, and much quicker payback periods of the cost of selling. In fact, in an ideal situation, open source companies can operate with favorable Account Executives to Systems Engineer ratios and can go from sales qualified lead (SQL) to closed sales within one quarter.

This virality allows for open source software businesses to be far more efficient than traditional software businesses from a cash consumption basis. Some of the best open source companies have been able to grow their business at triple-digit growth rates well into their life while  maintaining moderate of burn rates of cash. This is hard to imagine in a traditional software company. Needless to say, less cash consumption equals less dilution for the founders.

Photo courtesy of Getty Images

Open Source to Freemium

One last aspect of the changing open source business that is worth elaborating on is the gradual movement from true open source to community-assisted freemium. As mentioned above, the early open source projects leveraged the community as key contributors to the software base. In addition, even for slight elements of commercially-licensed software, there was significant pushback from the community. These days the community and the customer base are much more knowledgeable about the open source business model, and there is an appreciation for the fact that open source companies deserve to have a “paywall” so that they can continue to build and innovate.

In fact, from a customer perspective the two value propositions of open source software are that you a) read the code; b) treat it as freemium. The notion of freemium is that you can basically use it for free until it’s deployed in production or in some degree of scale. Companies like Elastic and Cockroach Labs have gone as far as actually open sourcing all their software but applying a commercial license to parts of the software base. The rationale being that real enterprise customers would pay whether the software is open or closed, and they are more incentivized to use commercial software if they can actually read the code. Indeed, there is a risk that someone could read the code, modify it slightly, and fork the distribution. But in developed economies – where much of the rents exist anyway, it’s unlikely that enterprise companies will elect the copycat as a supplier.

A key enabler to this movement has been the more modern software licenses that companies have either originally embraced or migrated to over time. Mongo’s new license, as well as those of Elastic and Cockroach are good examples of these. Unlike the Apache incubated license – which was often the starting point for open source projects a decade ago, these licenses are far more business-friendly and most model open source businesses are adopting them.

The Future

When we originally penned this article on open source four years ago, we aspirationally hoped that we would see the birth of iconic open source companies. At a time where there was only one model – Redhat – we believed that there would be many more. Today, we see a healthy cohort of open source businesses, which is quite exciting. I believe we are just scratching the surface of the kind of iconic companies that we will see emerge from the open source gene pool. From one perspective, these companies valued in the billions are a testament to the power of the model. What is clear is that open source is no longer a fringe approach to software. When top companies around the world are polled, few of them intend to have their core software systems be anything but open source. And if the Fortune 5000 migrate their spend on closed source software to open source, we will see the emergence of a whole new landscape of software companies, with the leaders of this new cohort valued in the tens of billions of dollars.

Clearly, that day is not tomorrow. These open source companies will need to grow and mature and develop their products and organization in the coming decade. But the trend is undeniable and here at Index we’re honored to have been here for the early days of this journey.

Let’s block ads! (Why?)

Link to original source

Warning! Unprivileged Linux Users With UID > INT_MAX Can Execute Any Command

linux policykit vulnerability

Hold tight, this may blow your mind…

A low-privileged user account on most Linux operating systems with UID value anything greater than 2147483647 can execute any systemctl command unauthorizedly—thanks to a newly discovered vulnerability.

The reported vulnerability actually resides in PolicyKit (also known as polkit)—an application-level toolkit for Unix-like operating systems that defines policies, handles system-wide privileges and provides a way for non-privileged processes to communicate with privileged ones, such as “sudo,” that does not grant root permission to an entire process.

The issue, tracked as CVE-2018-19788, impacts PolicyKit version 0.115 which comes pre-installed on most popular Linux distributions, including Red Hat, DebianUbuntu, and CentOS.

The vulnerability exists due to PolicyKit’s improper validation of permission requests for any low-privileged user with UID greater than INT_MAX.

Where, INT_MAX is a constant in computer programming that defines what maximum value an integer variable can store, which equals to 2147483647 (in hexadecimal 0x7FFFFFFF).

So it means, if you create a user account on affected Linux systems with any UID greater than INT_MAX value, the PolicyKit component will allow you to execute any systemctl command successfully.

Security researcher Rich Mirch, Twitter handle “0xm1rch,” has also released a proof-of-concept (PoC) exploit to successfully demonstrate the vulnerability that requires a user with the UID 4000000000.

Red Hat has recommended system administrators not to allow any negative UIDs or UIDs greater than 2147483646 in order to mitigate the issue until the patch is released.

Let’s block ads! (Why?)

Link to original source