MR: You mentioned the balance between usability and security. How do you manage that balance as you add more of the features that enterprise IT requires? How do you make sure you're not making it difficult for users?
AL: This is the nuts and bolts and why it's really, really difficult to balance both of these universes. I'm nearly positive any company would love to both be easy to use and integrated into the enterprise at a pure kind of conceptual level. The challenge is how do you orchestrate that within a product development organization and at the same time you have a rapidly changing marketplace and rapidly changing customer base? What ends up happening is you generally are always slightly imbalanced on one side or the other, and you're always oscillating to make sure that you're rebalancing over time.
I'll give you one small example, just to show you the depth of this kind of challenge. We were visiting a customer the other week that has 5,000 employees. It's a very innovative company, but they require certain security standards in their organization. So in this case they have two-factor authentication that has to route through a VPN before people can get access to business applications. They specifically implemented Box because they wanted Box to be the simple solution to their enterprise collaboration and sharing. But at the same time the only way to authenticate with our platform in this organization is through their standard method of authentication. So you have a situation where the motive of the enterprise is incredibly consistent with where we see the future going. They want a simple application that makes it easy to use and makes it easy to share their information. But the way that you get into the application creates a little bit of extra friction for end users. You're trading off a little bit of friction for better security and better protection of users. The challenge is then you have users that now have to deal with this issue of -- well, do I use the sanctioned IT solution that has a little bit of friction? Or do I use the unsanctioned solution that isn't going to be the standard in my enterprise and probably puts me at odds with the security policies and practices of the organization? Our job is to make sure that we reduce the friction on this kind of implementation as much as possible. That's as much a product management challenge as it is a professional services challenge, as much as it is a sales and education challenge.
There's no single thing that I can do which just says make it simple, and that's all you have to do. It's a much more in-depth and thoughtful process, to make sure our customers are as successful as possible at meeting both of these types of demands and needs. That's the nuanced area, and the less nuanced area is you have a product management organization that comes from the consumer Internet. You have a product design organization that comes from the consumer Internet. Most of our engineers that have worked at or would otherwise work at Web-scale consumer Internet kinds of companies like Google or Facebook or others, and so you uphold a level of innovation, a level of velocity that we think is unmatched by the enterprise space. All this comes together delivering what is a very differentiated type of enterprise product that has a consumer look and feel but again, can be implemented by these organizations in a way that meets their IT policies and compliance and regulatory needs.
Sign up for MIS Asia eNewsletters.