Twin Cities Startup Week is Here!

So you’re starting a startup. Congrats, and happy TC Startup Week!

Now you’ve got your idea for a product that solves a problem, some people you want to work with, and prospects to get you off the ground. Sure, you may be building the next great SaaS solution with super smart software folks, but I.T. is… well, it’s different. It takes a different mind and a different skillset – albeit closely related.

We see this a lot. A startup gets to 5-8 people, and the founder is still setting up computers for new hires. Don’t you have better things to be doing? The answer is almost always yes. Utilizing an I.T. consultant or service provider allows you to do what you want to do, and enables your growth. Starting with the right tools and partners helps make this easy.

The following is my general advice, with the caveat that every organization is different. Generally speaking, though, this is what I would do if I had a software startup in today’s world, from an IT infrastructure standpoint (i.e. internal tools, independent of the SaaS platform being built).

First, pick your endpoints. The age-old dilemma of macOS vs. Windows. For me? The economic value of choosing a new MacBook Air with the M2 is by far the easiest decision to be made. The real question comes down to 13” or 15” screen, and that’s personal preference. I’ve been working off a 13” for way too long and I love the portability of it. I’d go to 16GB for RAM, and probably a 1TB SSD for storage. At about $1800, it’s amazing how far things have come compared to “back in my day”. I’d also do AppleCare for the extra $200. To note, this is not always my recommendation for companies – if you have 50 macOS devices, buy two or three spares instead of AppleCare. There’s a threshold once you get to a certain point where the value of having spare machines outweighs the cost of the AppleCare cumulatively. Plus, at Foundation we’re an AASP, so we’re authorized to do repairs instead of going to the Genius Bar. That means faster turnaround times and zero hours in a mall. 

The second decision is arguably one of the hardest in my opinion: identity, email, cloud storage. Of our clients, about half are on Google Workspace, and the others are on Microsoft 365. For those who are using Google Workspace, they inevitably also have the Microsoft 365 Apps only subscription to get Word/Excel/PowerPoint. Hard to get away from those, regardless of how much better Keynote is. Lots of people love Google’s cloud storage and collaborative document workflows. Many don’t know you can basically do the same with OneDrive from Microsoft. Is it as good? Probably not. But, it works. If I were starting up today, I’d choose Microsoft 365 Business Premium. This gets you email, cloud storage, the desktop apps, and what I consider important security features – especially if the goal is to ever get a SOC 2 or other certification. These are the building blocks to get you there. As a counterpoint, if your product is B2C, Google Workspace is likely just fine if you prefer the collaboration and workflow tools. If it’s B2B, I’m sorry, but Microsoft is hard to ignore – especially if you’re working with large enterprises that will ask things like “What’s your Microsoft Security Score?” and having an answer helps you win business. Regardless of the direction, it’s key to pick the platform you want early on, because it’s a pain to move. When looking at your other internal tools (e.g. CRM/ERP), take note of what integrations they have, and specifically any opportunities for single sign-on (SSO). SSO is a huge benefit for employee experience, but also for security. It also makes your identity provider the broker for your MFA – which honestly should be a requirement for everything everywhere.

And then there are phones. For us at Foundation, and many of our clients, we’ve gone the soft phone route. We use Zoom as our provider, which gives us tremendous flexibility (without having to hand everyone a corporate-owned iPhone). It allows for SMS/MMS messaging, and one main driver for us was that we use their meetings software constantly. Keeping it in a singular environment makes sense and is “easy”. Arguably, you could do the same or similar with Microsoft Teams, but without the native SMS/MMS features. This has been a key to our business as so many of our clients (and employees) shiver at the thought of answering a phone call (well, our help desk loves them though).

Those are the big initial decisions, really. Especially if there’s no physical office or you work out of a coworking space. But as you grow, device management is incredibly important and leads to more decisions around MDM platforms, be it Jamf, Intune, Mosyle, or Workspace ONE. There are a ton of providers in this space, all with various quirks and benefits, but at their core they only let you do what Apple allows. The standards are relatively equal, yet many are adding new features outside of traditional MDM. In my opinion, MDM should be in place for any company above four or five users, especially non-owners. It’s an incredibly easy way to manage things like software patching and security settings, and to ensure that company-owned devices are treated as such. A good example is the ability to bypass Activation Lock if someone uses their personal Apple ID on a device. Having an MDM allows you to control, and even unlock, a corporate device using the FileVault recovery key that’s been escrowed. Depending on your industry and compliance needs, there are some huge efficiencies with any of these platforms, but picking one is worthy of a conversation – which we’re happy to have.

Alongside the MDM conversation usually come things like antivirus/malware/EDR software, and then DNS proxying services through DNSFilter or Cisco Umbrella as examples. These are very important from an endpoint security and compliance standpoint, and help protect the organization from external threats. When it comes to things like cybersecurity insurance renewals, almost all of them become valuable to those conversations, giving you an ROI for a good security posture.

Oh, and Slack. Not joking in how much it’s changed the way our team works internally, and even externally.

Looking at physical space, too? Office build-outs are sometimes complex and full of little details that can cause headaches if missed. We always ask to be a part of that planning process, a minimum of 90 days prior. That’s usually how long we’ve seen internet service providers take to get in. After that comes the network, and the supply chain is a bit in flux still. Planning early is key, and our role for many organizations includes working with your construction partners to build out a proper low voltage and AV plan to ensure everyone has the right experience from day one. A handful of our clients don’t have offices, though. That’s where our Shelf-as-a-Service comes in handy. For some we act as their I.T. closet, hold onto spare devices, and manage the logistics of shipping and receiving laptops. Obviously way more secure than someone’s basement, and offloading that responsibility lets you focus on what you want to do instead.

At Foundation, we’re agnostic. We hate pushing people into boxes, because we recognize that everyone comes from different experiences and has their own perspective. We like to provide guidance and planning through our Orange Book process – which helps give you a technology outline for what your next 3-4 years should look like. We’ve got a ton of clients who are Windows only, Google only, or no -owned devices at all. Our goal is to be your partner to help make the right business decisions – our focus just happens to be in technology.

In the spirit of #TCSW, fill out the form below if you want to have a casual (and non-committal) conversation with our team about what we might think for your particular predicament. 

This post has been written by Matt Woestehoff, Director of Technology
