Business technology is often unloved — email, laptops, finance systems and sales tools just don’t feel as important as building a great product. But getting business tech wrong will cost money and may even kill your business.
Why do I care about Business Tech?
As a CTO, I spent many years of my career worrying about how to deliver the best tech to people inside my business. Now as a tech advisor I get to work with a wide variety of startups, mid-sized businesses and large corporates and the sad truth is that I hardly ever see business tech done well.
I spend most of my time looking at technology. I often work with investors to unpick the technology inside potential investments, and I spend yet more time being asked by CEOs to ‘fix’ their technology or teams. Invariably, the unwritten request is to look at the product they are building and the engineering teams, designers and product owners who are building the product.
This very focus is part of the reason I feel moved to write; tech is not solely the product that you’re building, and consideration needs to be given to all of the tools that make life better for people working inside the business. ‘IT’ might sound like the sort of boring requirement that large companies worry about but, regardless of the size or age of business, I would struggle to give you a single reference of someone that really does it well.
I care about this because I find the risk and waste that I see in businesses upsetting. Get the basics of business technology wrong in today’s age of increasing data privacy legislation (like GDPR and HIPAA) and heightening levels of cyber attacks means that you could jeopardise your entire business.
I don’t want you to fail, not over something this preventable. Get your business tech right from the beginning and you lay the foundations for a truly scalable business.
Why should you care about business tech?
Let me make a few guesses about what your business tech looks like.
You’ll be using Microsoft Office 365 or Google’s G Suite for email and calendaring. If you’re using G Suite, you’re probably also using it to create and store documents. If you’re using Microsoft, you’re likely using a combination of local storage, OneDrive and Sharepoint. It’s probably confusing.
You’re using either a Mac, or a Windows PC. In a smaller business, you probably log in to your laptop with a password that you set locally. If your business is a little older, you may have a terrible password like ‘Jn*js(k2028sdD’, which you reset to something different every 6 weeks. You can’t remember it, so you’ve written it down on a folded up Post-It in your wallet.
In the course of your day at work you have to use a number of different logins — one for your laptop, one for email, one for the HR system. If you’re a Google user, you may use the ‘login with Google’ button for some applications. There’s probably a Slack team, which might have yet another password, and there’s probably a few informal WhatsApp groups using space on your phone.
Sometimes you claim expenses, but you try to avoid it because it’s awful. The HR system has another login, which you always forget when booking vacation. There’s yet another system to do performance reviews. Your payroll system looks like something out of the 1990s. You have access to the company Twitter account, and you know you’re not supposed to share logins on Post-It notes, but you kind of have to for Twitter.
You create spreadsheets and presentations all day, but once they’ve been written they either get emailed back and forth (Microsoft) or shared (Google), after which they’re impossible to find, regardless of how good the search is supposed to be.
Someone left your team two weeks ago, and you’ve just realised not only are they still reading your Slack messages, but they have just posted a selfie in that team’s WhatsApp group. You’re not quite sure how to politely suggest that they leave it.
One or two of these may seem familiar and I can say with confidence: if you’ve experienced anything like this, you’re not alone.
You’re not the only one it sucks for
If you think that using your business tech isn’t the best experience, give some thought to the people that make it happen. Unless you’re lucky enough to have a dedicated tech team, this inevitably falls to someone else in the team as a side-gig. Buying your laptop and your work phone? Maybe that’s the finance team. Setting up your email account? The scrum master. Giving you access to Google Analytics? The marketing intern. Github and Confluence? The engineering lead. If you’ve just got your first funding round, the CEO probably still does all of this.
This isn’t to say that it’s all perfect if you are large enough to have a dedicated team. These team members have to deal with last minute requests for new starters that start tomorrow at 8am; leavers who are leaving right now (at pub o’clock on a Friday night); there’s no budget to buy new laptops and no time to fix the old ones; your CEO refuses to turn their computer off so that they don’t have to remember their password.
But the reason that it sucks the most? Get any of this wrong and a disgruntled employee or an overlooked piece of technology may be the data leak that destroys your brand reputation and leads to a sizeable fine.
What does perfect look like?
Let’s leave the depressing reality behind us, and cast our eyes forward to a potential future for your business. Let me give you a vision of hope and optimism; words not usually associated with email.
A prospective employee, Kate, has been invited to interview with your business for a role as a senior engineer. She applies online, and receives an invitation with all the details she needs about the role, including who she will be meeting for the interview. After the application, and through the stages of the interview process, Kate is kept up to date until the she successfully secures the role.
A week before Kate’s first day, a request comes through to the tech team to make sure that a laptop is available for Kate to use. As this is a new role and there is no laptop in stock, an order is placed with the laptop supplier for a brand new laptop with the standard company ‘build’ on it. This ensures the laptop is connected to the company directory, the hard drive encrypted and anti-virus installed. It arrives in the office two days later and just needs to be plugged in to work out of the box.
On the Friday before her start date Kate receives an email with instructions on where to arrive and who to ask for on her first day. Even though it’s a small startup this little touch makes her feel much more comfortable and prepared for Monday. She’s asked to complete some more information about herself and complete her registration details on the HR system as a new employee.
The rest of her new team and her manager receive an email letting them know that Kate will be starting on Monday, and a few interesting facts about her to help them get to know her and make the inevitable new starter intros easier.
When Kate arrives on Monday, her manager introduces her to the team, and takes her to her desk. There’s a small collection of items, with a card and a neat bow on top, waiting on her desk. She carefully unpacks her new laptop, which starts straight away and connects to the WiFi.
Kate logs in to the laptop and is asked to reset her password. She opens a web browser and is taken directly into a portal page, which links to all of the applications that she has access to; in her case, Google Apps is prominent at the top, with access to the HR system she’s already been using, what looks like a tool for submitting feedback about the business, her expenses, Jira, Confluence and some other technical tools.
When Kate logs in to her inbox, she notices a few ‘welcome’ emails. One is a list of onboarding tasks from the HR system, which includes some online training about cyber-security that she’s asked to complete immediately. There are also a number of other training videos available; short 30 second screen-captures of how to do things like setting email signatures.
Of course, Kate isn’t the only one taking part in this. While Kate’s experience as an employee was more slick and seamless than most employees’, what was really different was how this all worked for the team behind the scenes.
Kate’s application on the company website kick started a process which is designed to make the process of onboarding a new member of staff as efficient and automated as possible. At the point Kate transitions from a candidate to an employee she is creating the credentials she will later use across all of the tools in the business. The HR team (or hiring manager) explicitly allow Kate access to company tools from the moment her account becomes active, on the first day of her employment.
Including the HR system in the tech stack doesn’t just make for a better onboarding process. It allows the HR system to serve as the ‘source of truth’ for all employees. Not only does it flag when Kate can start using company assets, but it also assigns them based on the department she is in (and can remove access from all of those applications from the moment she leaves the business). This entire process needs no input from anyone with a technical role, is automated and repeatable for every new hire or leaver.
In this new world, no employee is ever required to remember more than one password — the one which they use to log in to their laptop. With just that one set of credentials, they can then log into every application that they require access to. Even temporary access — for example, taking over holiday cover for the company Twitter account — can be granted without ever having to know the password.
The ‘Opinionated Tech Stack’
I first merged business tech (or IT as it was then) into my role in 2012, and immediately rejected the prevailing approach. I’d been building digital, customer-first products for 15 years by this point, and the lack of ‘customer’ understanding across traditional IT was terrible. I set out to do something different, and created a number of guiding principles which I still try and adhere to today:
- Tools should scale from 10 people to 10,000 people
- Teams should be able to work in a browser, and on a mobile
- Employees should be secure from anywhere, not just inside the office
- Provide tools that people love to use, not that the company likes to buy
These principles remain at the heart of a scale-up tech stack which I now roll out in companies that I work with. Over the years, I’ve tried this approach at scale (with over 300 people), with different technologies (Microsoft/Apple/Google) and in many different companies.
The true challenge is not to select individual tools, but to choose tools that can integrate and work together well. Starting with our vision of what might be, the test is to implement these automated processes in the same way that we might for our external customers. This requires initial thought and effort, but will repay itself with future efficiencies as the company grows.
This Tech Stack represents a number of tools that I have bought, tested and implemented together. I know that they play well with each other, and will scale with your business. Although in reality I’d recommend that you review each choice carefully, I want to save you time and give you the best chance of creating something useful, effective and great to use. These are not supposed to be the cheapest or most complete choices, but rather a selection which will suit the needs of most businesses.
And so, with the caveat that this will work best for US and UK audiences, let me introduce ‘Ridley’s Opinionated Tech Stack’ — the one where I make nearly all the choices for you.
Step one: Choose Mac or PC
If you want the greatest simplicity in scaling, I’d recommend you use either Macs or PCs and stick with one of them; it’s entirely possible to support both Windows and Macs in the same business, but it does add complexity. If you’re brave, we can discuss using only Chromebooks and Android phones, or even how to roll out Linux and iPhones.
Step two: Choose Microsoft or Google
Personally, you can wrestle me to take G Suite away from me, which I run on Windows. I’ve been softening my position consistently on Microsoft for the last 18 months, with significant improvements in their products, but Office 365 still doesn’t run quite as well in a browser as G Suite. There are also significant benefits to rolling out Android phones if you’re using G Suite.
The integration of Windows and Office 365 means that choosing Microsoft is likely to be the ‘easiest’ choice if you want the ultimate in scalable simplicity. While end users might love Macs and iPhones, they lack the ease of administration that Microsoft can offer which can grow in importance as the company scales.
If I had to choose for myself: Dell XPS 13, Windows 10 Pro, G Suite, Android. YMMV.
HR System: Bamboo HR
The kernel of the vision we describe above is a good HR tool. Bamboo does a great job of managing applicants all the way through their journey to becoming employees, will easily scale to hundreds of staff and is modern and usable. Bamboo has a friendly onboarding process, solid integration (especially important for the next step), and a solid workflow process that helps employees keep track of critical HR related tasks.
Identity Management: Okta
There are several great providers in the market for Identity Management, but the one I choose again and again is Okta. It’s easy to plug Okta into BambooHR, which links identity and authentication with your employee records.
In a Microsoft environment, Okta can link to Microsoft’s Active Directory to manage users, and works similarly for G Suite users. Bread and butter for Okta is granting single sign on access for users to any application that can be accessed with a web browser. Even better, it can also add (provision) and remove (deprovision) licences and accounts in a number of systems (like G Suite and Salesforce), ensuring that you only pay for the accounts that you’re using.
Okta is also the best place to add two factor authentication (2FA) across all of your applications, a key tool to make passwords easier and more secure for your employees. Regardless of whether you choose to use an Identity Management system, you should always turn on 2FA or multi-factor authentication (MFA) wherever possible.
Device Management: Google Mobile Device Management / Microsoft InTune
If you’re allowing employees to use their mobile devices to access company information, please make sure that you do three things:
- Enforce a security policy on the device (ie, it has a passcode)
- Ensure devices are encrypted (and force ‘Work’ accounts in Google)
- Ensure that devices allow remote wipes by company administrators, but ONLY when requested by an employee (ie, it’s been left in a bar and is full of embarrassing selfies and important company data)
One thing not to do: do not track your employee’s location. It’s likely to be none of your business.
Laptop/Mac management: Hexnode/Airwatch/Microsoft InTune/Jamf
Similarly to mobile devices, you should ensure that laptops are encrypted (Bitlocker is included in Windows Professional, don’t buy laptops with Windows Home for work). You also need to ensure that they have anti-virus, are regularly patched and that they can be remote wiped in the event of loss. I don’t have a strong preference for any of these three vendors, but would definitely consider InTune in a Microsoft only environment, Jamf in an Apple only environment, or Hexnode/Airwatch if you cross the streams.
These tools are of the greatest importance when it comes to ensuring that all of the assets in your company (ie, your laptops) have their operating systems updated, have anti-virus running and check in regularly. Don’t lose data by losing laptops in cabs.
Collaboration & Comms: Slack / Microsoft Teams
This might be unpopular: please replace that free version of Slack you’re using. It’s not secure enough to use in a business because you’re unlikely to remove logins from people when they leave the business. If you want to use Slack (because it’s genuinely the best tool out there) then you should be prepared to pay for it.
However if you’ve chosen to follow the Microsoft route you really should use Microsoft Teams and not pay for Slack. It’s not quite as intuitive or extendable as Slack, but it’s free (and secure) if you’re already paying for Office 365.
The ‘other bets’
Depending on the scale, size, location and funding of your business, there are many more choices to make. My ‘complete’ list of preferred products runs to over 50 different products and is constantly changing, but there are a few other tech tools I consistently recommend.
For performance management in teams, I often recommend Small Improvements, a lightweight, easy to manage tool that helps set objectives and track employee performance.
If you need to run video conferences with clients or larger groups that won’t fit in Slack/Hangouts/Skype, Zoom has potentially the best interface, with transcription and recording of meetings made available for download. Once you’ve done the deal, HelloSign is a great e-signing tool for any company that needs to get signatures on contracts.
If you have a small enterprise sales team consider Hubspot; Salesforce is a default choice when you get over about 20 sales users or you have rapid growth plans and multiple countries to serve. For supporting customers, a service desk tool is essential, and my preference is for Zendesk (as long as you don’t try and customise it too heavily). For marketing to customers via email, Mailchimp/Mandrill are a great starting point.
For data and visualisation Google Data Studio, Amazon Quicksight and Microsoft PowerBI all make great dashboards to give out to your team or put on wallboards. The choice is often obvious dependent on other technology in your stack.
In the UK, I strongly recommend Xero for finance teams which extends to their Expenses addon. In other countries, Expensify makes the process much easier if your team regularly make purchases.
Over to you
If you build products, interact with customers or provide tools for employees it’s likely that your business is at risk from cyber-security threats. Protecting your company is as much about the steps you take inside the business as those that you take when considering threats from outside. However, when making sure that you are secure internally, you also have the benefit of providing a better, more effective and more engaging experience for your employees.
This list is by no means conclusive, and your mileage will naturally vary. If any value can be taken from this article it’s this: business technology needs to be taken seriously. It needs an owner and a vision, as well as love and attention. These products are just the start of delivering effective, useful, lovable and secure technology to people inside your business.
More than anything else, I’d love to hear your success stories about brilliant business tech, and the most successful integrations. Please do comment or get in touch with your stories.
Note: I’m not associated with any of these companies, nor do I receive any consideration for my recommendations. They’re simply companies and products that I consistently choose to work with.