Just got back from spending two days at the Business of Software 2007 conference organized by Neil Davidson of Red Gate Software. It was good and very inspirational. The lineup had many clever people, all saying equally clever things.

Still, I tend to favor substance over inspirational talks. Or maybe I just favor people talking about things that apply more closely to my situation, which is probably why I didn’t much appreciate Matt Mason’s talk about piracy, pop culture and innovation. I probably am a conservative when it comes to professional work; leave it to the professionals. And only small doses of pop culture for me, please.  (But no, I don’t buy Andrew Keen’s gloomy perspective as laid out in his book, The Cult of the Amateur. And don’t make the mistake I made and go and read it. His point is easily made in a few sentences. And his research is so one sided that it doesn’t classify as research.)

So back to substance; Bill Buxton I liked. He speaks and, it seems, thinks fast. His talk about designing things was very good and based on years of research and experience. I was inspired and it still felt like a proper and nutritional helping of his very relevant work.

I guess I like it when people do their research, which is why my second favorite was Jennifer Aaker. She spoke about the psychology involved in creating a strong relationship between company and customer. Well, she really did say consumer, but even in B2B it is real people buying your stuff. And then she would consistently use words like "transgression" instead of whatever would go down easier with an international audience. That was kind of funny to a guy with an accent, but with a dictionary at hand.

And there was much more. It was a great conference, and hopefully we will see a Business of Software 2008. And thanks to Neil for pulling all this together.

Recently the WS-Federation 1.1 specification was submitted to OASIS with the intent to have it ratified. The spec is long and I have not yet had a chance to actually understand. But our experience at Safewhere with WS-Federation and WS-Trust is obviously a shared one; that is, you basically only need a passive profile whereas the active profile used for web services is already covered by WS-Trust. SOAP based federation may be viewed as simply chaining together Security Token Services as specified by WS-Trust and as such does not need its own seperate spec.

Don Schmidt of Microsoft has started to blog about some of these things and as one of the authors of the specs he should know.

Safewhere was formally founded on May 19, 2006. Since then we have been busy developing our software, recruiting a few more developers, showing at Microsoft TechEd 2006 in Barcelona, making new friends and turning their need into our cash flow. And we are now close to our 1.0.

We have a few customers of which SEB Pension is one and two other financial institutions are almost signing (hubris?) as I write. To us this is really good news, as is the fact that we have secured venture funding to finish product development and initiate broader marketing efforts.

And why is the venture part good news? Shouldn’t we be going like suggested by Joel Spolsky in 2003? That is, pace our investments to match our revenue stream. His post is eloquent and, as always, well argued. The most important point to me is the observation that founders have just one company as opposed to the VCs who have portfolios of companies. In the case of our VC, it’s our one company against their 66! Their bet is hedged and ours is not.

But to us extra capital is a must. We are building a products company, and we want to bring the benefits of all our wisdom and abilities to a lot of organizations all over the place. When you run a consulting company, or maybe even a niche product company, you can afford the luxury of growing your company at the pace of your client base. But when building a software products company catering to every service oriented infrastructure in the world, you are pretty focused on your window of opportunity, your total market, your addressable market, etc. – and not least how to protect your position as you advance.

To us that means develop world class products (= hire software engineers), secure patents (=pay patent attorneys), and acquire a selection of reference customers (=put your money where your mouth is). That is, strategize, execute – and pay up.

So although we may be opening up our own window of opportunity, it still opens up to a crowd all facing the other way (identity management, role based access control). We want to attract the attention of this crowd, show them the great view from the window – and convince them that we will be the best guide for the land that lies beyond. That costs money now – and only later makes so much more. Therefore this first round of venture capital – and therefore also subsequent rounds in the future.

Web 2.0 has been all the rage for quite a while now. And concerns are being raised that this may be yet another bubble. But to me it makes no difference, as I probably wouldn’t know a web 2.0 if it grabbed me by the eyeballs (yes, I too remember the previous round of “stickiness” and “monetized eyeballs”).

I care mostly about hard technical problems with equally elegant technical solutions. Like the stuff we do at Safewhere. We are building an advanced and very cool suite of infrastructure products. We make a lot of hard, complex things simple, and we address problems that have not previously been addressed in a consistent and unified manner. Usability we don’t know enough about – and we will hire clever people to do this. But when it comes to hard computer science problems we employ the brightest comp sci graduates you can get.

Which brings me to the “and why in Denmark” part. If you ever want to put smart people to work on a hard problem, go with the Danes.  Danes may suck at doing marketing on a grand scale, but they excel at solving complex problems in small teams. Every person on the team will feel that he or she is as smart as the next guy, and they will all take responsibility for creating the best solution –as a team. Danes tend to accept only a very low power distance, and they are generally more anarchistic than many other nationalities.  When you build software this may be leveraged to create great results much more efficient, than would be the case in countries with higher power distance.

So why aren’t these fantastic Danes to be seen anywhere? Well, eh, the Danes have this other habit of being on vacation most of the time, getting off work early – and most importantly we have no confidence that we will ever be successful. And if you still manage to succeed on a grander scale, you better be prepared to be put down for it – badly and promptly.

At Safewhere we are betting, that we may leverage the collective intelligence and lack of power distance to become successful fast enough that nobody has the time to lose their nerve.

– And by the way, we do have one successful businessman from Denmark. He has big boats and sometimes uses them to transport guns to Iraq –for free and for love of USA and freedom.

Just finished the second week of exhibiting at Microsoft TechEd in Barcelona.  This week it was IT Forum which translates into an audience interested in how you actually run and manage an infrastructure based on products from Microsoft and its partners.  Not much to be said about the trade show as such – it was much like last week and we are happy.  The quality of the leads this week is probably a bit higher than those we got last week with the software developers.

But here is another perspective intentionally set up to provoke half the audience at IT Forum – only that they’ll never read this, as they are not interested. The half I’m talking about we may refer to as the scavengers of IT Forum.

It started when I flew back to Barcelona on Monday. The guy behind me was doing the best he could to make clear to all, that the personnel of the largest Scandinavian retailer get messed up and go to IT Forum only because their boss tells them to.  Was this a sign of what was to come? In a way yes, only the rest of the scavengers are probably not as bad as this guy from Coop.  Fortunately he was the first and in the end he still managed to take the price.

But indeed it is an indication of the difference between the two TechEd conferences. The audience of TechEd: Devleopers are software developers with an almost religious relationship to their computer, programming language, communication stack etc. These people go to TechEd because they wouldn’t miss it for anything, and they beg the bosses during the year to get a chance to go to the next TechEd. I like them for their genuine interest and oftentimes curious minds.

As for the audience of IT Forum it may be divided into two groups. One half tries to take what the developers came up with, and actually make it useful to users day in and day out.  These people buy, install, operate, and retire IT systems. They are focused on how to provide a smooth and robust infrastructure of value to their organizations. They may scavenge a bit, but not for a living.

The other half is the real scavengers.  And – inexperienced in a world of IT tradeshows as I am – this group turned out to be a crowd, you wouldn’t want to run into in a dark alley if carrying as much as a cheap pen with the logo of the local waste management company. Maybe they drink bloody marys like the guy from Coop or maybe they are just ordinary guys, but they share the common background of having no special interest in software and IT. They go to TechEd to rid Microsoft and the other exhibitors of free T-shirts, iPods, Frisbees, pens, flashlights, cookies, strange things with LED’s inside, etc. (But no chocolate fondue for these guys. Ha!) The bags they got when registering the first day were so loaded at the end of the week, that many gratefully picked up the extra bag offered by APC. 

And so I could go on – offended I am, and I know I’ll just have to get used to it.  But I am a developer at heart and I like people who show a genuine interest in what they do for a living.

 We just finished our first tradeshow, Microsoft TechEd in Barcelona. Next week we will do IT Forum as well.

TechEd: Developers, as it is officially called, was good for us, but not entirely the way I expected.  But first, here is why it was a success to our young company. We met with a lot of potential customers from our immediate vicinity, Denmark and Sweden. And several of those showed sincere interest and a couple even more than that. And to these people it is a comforting factor that Safewhere has actually started down the road to become an international software company. To them it means more customers to push Safewhere along the right path of continued innovation and development.

1. The Safewhere brand is unknown. Period.
2. Developers are not all that concerned about managing authorizations across deployed services and applications. They lean more towards computational and programming challenges.
3. Developers going to TechEd are pretty focused on what Microsoft will do to them and for them. Short of brand recognition, Xbox giveaways and chocolate fondue (no kidding, Compuware really did that - while at the same time employing a Formula 1 racing theme!), getting the attention of a developer takes our preparation of them even before they ever arrive at TechEd.

Now, that’s my analysis anyway. And our response is simple to identify and hard to execute: PR and Partners. PR generates recognition and partners generate interest in the concrete solution.
 
So in conclusion, I really had no idea on how it would go. It went very well – and next week at TechEd: IT Forum will most likely be even better.

Updated: Image removed

Safewhere is a young software products company with a lot of ground to cover on our ambitious journey to become a viable and profitable player in the international markets.

Viable in the sense that we succeed in creating and maintaining an organization of highly skilled people, who are motivated to make an outstanding effort to turn out products that people actually want.

Profitable in the sense that owners - which include many employees - may rest safely that our products are generating - constantly growing - revenues above our - constantly growing - spending.

As a frequent reader of Joel Spolsky's and Eric Sink's web logs on the various aspects of running a software company, I appricate their insightful posts. Joel's mostly for his views on recruiting and keeping good people. Eric's primarily for his views on how to market your wares in a world dominated by big guys.

But Safewhere is not an American company. Safewhere is located in the city of Copenhagen in Denmark. Denmark is almost socialist by American standards, but also consistently on top of the lists of global competitiveness such as the Global Competitiveness Report 2006-2007 by the World Economic Forum. This is primarily because of our liberal labor laws, which makes hiring and firing very straight forward, thus letting companies grow without running the risk of being caught with a huge salary burden in a down-turn. And the reason it is accepted by the labor force of Denmark is, of course, because of our well functioning public welfare system.

So, however Safewhere fares, I intend to document some of our experiences relevant in the context of building a company from the perspective of an entrepreneur - and sometimes also with a more political angle.  The latter because I genuinely think that politics and running a business obviously do go together, just as politics and being a citizen go together.

Updated: Image removed.

Safewhere, the company I work for and co-founded, is busy getting its first product, Safewhere Authorization Services, ready to show and deliver when we exhibit at the two Microsoft conferences, TechEd and IT Forum in Barcelona in November.

The product is already attracting a lot of attention and the first customers in our Danish vicinity, and we are looking forward to discussing and demonstrating the concepts and features with a wider audience.

Please come and see us at Booth C9 for TechEd and C17 for IT Forum.

After 10 years trying to pick up sales and management skills and developing software for Microsoft Windows, I finally got around to installing my first Linux variant, Ubuntu Desktop, version 6.06. Installing in a VMWare machine was faster and more elegant that any Windows install, and doesn’t look much like the clunky X11 Motif that we used the last time I wrote serious C++ code for Solaris and AIX. Very impressive. Whether it will be secure, stable and performant I have no idea, but the covers look great.

Sorry for the delay, but here is the source for the WSE 3.0 and Azman authorization sample that went with my MSDN Magazine article on service authorization using WSE 3.0 custom policy assertions and Microsoft Authorization Manager, Azman.

It has been updated to use the released versions of .Net 2.0, WSE 3.0 and Enterprise Library 2.0.

Please download from here, and follow the steps of the README file (40,1 KB, RTF). Note though, that the current sample runs on Windows 2003 only, as it is based on Kerberos which is much easier to make work on IIS 6. (Network Service is the default account for IIS 6.0 App pools, and has access to AD).  The README file has a comment on what it will take to make it work on XP with IIS 5.

The source may be downloaded from here (237,5 KB).

Disclaimer: This code has not been thoroughly tested and is meant as inspiration and illustration only.  Our company, Safewhere, makes the industrial scale version which includes a different modeling approach and support for multiple types of credentials - among other things.