> There is no need to wait months to build Single Sign-On (SSO), Directory Sync, Audit Logs, Privacy Vault, and other boring stuff that enterprises ask for anymore, now you could plug them within hours<p>Having had to rip out Auth0 and similar products and replace them with in-house OAuth/SSO solutions that actually work and can be fully customized at several B2B SaaS companies, I find this claim very dubious.<p>Also, many enterprise clients will want SOC-2, in which case you can't really ducktape things together. Everything has to be designed from the ground up with enterprise and security in mind.
I was reading an article by the other day about a person who had a disability that caused them to be highly disturbed by meaningless animations on the web.<p>I might have voted it up but those stupid memes drag this article down to a low level.
Seems like these enterprise-in-a-box services are taking off and I like the role that they play in the ecosystem. That said there's a lot more to it than what Boxy offers – a lot of what enterprises need is about configurability and flexibility for wildly varying use-cases, as well as general compliance. It looks like Boxy (authors of this post) are building more logging and governance features soon which I think will be useful for them.<p>We wrote about some of the broader flexibility features on our blog as well – <a href="https://staysaasy.com/product/2022/02/19/enterprise-selling-be-enterprise-ready.html" rel="nofollow">https://staysaasy.com/product/2022/02/19/enterprise-selling-...</a>
IMO this is a pretty narrow definition of enterprise-ready, which is often actually more of a focus on being able to map a large organisations process into your application, and also how it scales with the number of users (ie your app is made for 1000 people to use rather than 10, and scales from a process/organisational perspective not just a technical perspective).<p>Small organisations are more willing to change processes to match your application than large companies, particularly if your process hasn’t been battle tested in other large organisations.
This has been my experience, enterprises are routinely one-upping their security requirements.<p>It used to be Shared Controls Audits, now its SOC2 Type 2, tomorrow it will be HiTrust or combinations of SOC2 and ISO controls.<p>This has been getting more arduous every year for the last 10 years, I don't see it reversing anytime soon.<p>As a startup, you will be out of business by the time you meet their requirements, or could have landed other deals.
I was a bit disappointed to see yet another authentication service advertised. I'm still looking for a reasonable open source (or SaaS) framework for managing workflow / action assignment & tracking. It seems like everyone who builds one immediately tries to sell it with a front end rather than a component.
A good resource for things to consider when building for Enterprise Ready is this:<p><a href="https://www.enterpriseready.io/" rel="nofollow">https://www.enterpriseready.io/</a><p>It's not a product, just a list of things to consider. (not affiliated, saw it recently, and thought it was cool).