Tuesday, January 14, 2020

Product Management Internships

An engineering internship program typically runs 6 to 12 weeks, often as a group exercise. Interns join scrums, 2-5 interns (generally 3), where there was a known deliverable on a topic of interest. They would experience the corporate version of their classes: understanding problems, sprinting to solutions, and presenting to the team on progress.

Problems to tackle will usually be areas needing investigation but not yet critical path for the business. Guidance comes from a team lead or senior individual contributor, who advises and runs a daily intern standup in addition to their team standup.

I’ve seen that program a few times. I don’t really like it... the projects can be poorly considered and don’t go anywhere, and the interns don’t end up understanding why the projects would or wouldn’t work in the real world. So it’s a lot like hackathons, only stretched over a summer instead of a week.

I’ve probably seen half a dozen force-directed graphs of data sets that could never scale at a real customer, along with a bunch of pointless dashboard re-skins. Not to mention solutions that could technically work but are not feasible in the company’s licensing model or data system.

What the interns do learn is process and culture fit. That’s not terrible, but a lot of it can frankly be taught in school instead. It’s totally wrong for product management. So how should our internships go instead?

Maybe this is regional, but in the SF Bay Area tech companies are competing for interns. You can win excellent candidates by showing why they’ll do real work which will ship. Intern wants to get a job. “Got to prove culture fit at $HouseholdBrand” is one path to that. “I shipped a feature at $Elsewhere and here it is” is another one. “Proved culture fit at $Elsewhere” is not so good.

Set that as table stakes and you’ve got a good base. Next, focus on how to teach product management. There are different philosophies for that, which I’ll touch on in another post.

Know everything, then automate!


The concept of virtual patching has set me off on a small rant.

If you’re not familiar, the concept is something like this: vulnerability scanners determine that PC42 in the CritStuff system has a nasty problem, but you can’t patch it for reasons. So instead, software magically figures out that exploiting this vulnerability requires access to port 80, and tells the nearest firewalls to drop anything headed to PC42’s port 80.

I’m down on two concepts here: the first is high risk automation. I have scars from network admission control. I’ve seen SEC filings delayed because of a properly quarantined laptop, never mind the attack ships on fire off the shoulder of Orion. Blindly implemented policy has high risk, and some knowledge of context is needed to make a proper risk-reward calculation. People aren’t perfect, but they’re better at this than software is.

The second concept I don’t trust is a requirement for pre-learning. Anything that requires the customer to learn in great detail how their systems work and what the dependencies are before they can safely act has put too much burden on the customer. Anyone remember host-based intrusion prevention systems? How about application virtualization? The environments that are simple enough to manage this way do not have sufficient resources attached to support a software vendor. Said differently, this approach has failed to find market traction enough times that it is now available as free open source.

One is supposed to argue that the virtual patching tool, like learning mode IPS before it, is able to save the customer the trouble of learning... except using those automatic tools just leads to learning about the dependency by accident instead, and therefore is still a market fail.

What about AI? What about it? A perfect robot would be more patient than a human but just as capable of learning the entire system, automating it, and maintaining the automation. But using that system would require the humans around it to either understand as well, or take a leap of faith. People will totally take that leap in order to gratify our laziness, but two or three failures will mean the system is rejected.  Can the robot be perfect? If not, can it be cheaper than a human? And is any of this conversation relevant to the far-from-perfect robots we can actually build today? Sometimes.

Sunday, November 3, 2019

Offering Multiple License Models

I’ve written quite a bit about licensing software now, you can start here to follow the whole thread. In The Platform License Problem, I mentioned some free pricing as a hide-the-sausage technique. When there are multiple markets to find product fit for, and the vendor has a software base that tackles those markets, the platform problem applies. But burying the cost of a shared platform isn’t the only reason to give away software, so let’s look at some more ways that can happen.

Freemium has grown very popular in the shadow IT, consumer tech, and open source based tech markets. With a freemium model, consumers can get your product for free without support, but have to pay for “extras”: additional features, related services, and/or support contract. The pwSafe password manager is free, but cloud-based synchronization costs. The Bear text editor is free, but advanced features cost. Splunk is free to use up to 500 megabytes a day, but costs quite a bit for more. One might say these models are equivalent to a free trial on a service, such as getting Apple Music or Spotify for a free trial. However, freemium is different in that there is no time limit; instead of getting the same features when you start paying or losing the service when you don’t pay, with freemium you can use the free version forever and get more features when you pay. It is more like the shareware model, without nag screens.

Shareware, for those who don’t remember it, was a try-before-you-buy model popular in the early Internet. The customer can download the package and use it with full functionality for a limited time, but must buy a key to continue. After timing out, the software might stop working, or continue working with nag screens or watermarks on its output. Freemium packages hosted on app stores have largely wiped this model out because they allow the small developer to outsource the tedious and complex work of handling customer payments.

Even without the app store’s help, freemium models can be great for vendors. They encourage word of mouth networking, as well as advertising from taste-makers and aggregators. Reviewers and users are happier to recommend products that new users can get for free. New users are happier to try products for free. The vendor gets low fidelity signal from the downloads and traffic of a broad pool of potential customers, and can experiment with the potential for features to convert those customers. The vendor can also instrument the free product for higher fidelity feedback. The only downside for a vendor is in mis-calibrating the free/paid version; too much value for free means failure to capture revenue. As long as costs are covered though, those are theoretical losses that can be ignored in the interest of living a peaceful life. There’s always the possibility to add a better paid feature which changes the picture.

Lite editions of premium products are a slightly different take on the same theme. Typically introduced after a successful product has gained traction, the lite edition is used to expand that product’s influence without requiring a full license for every user. AutoCAD, Visio, and Adobe Acrobat all played this game very well. This model is growing less popular as vendors embrace cloud and app-store delivery of software, but the fashions of software are fickle.

The ultimate extension of the lite version is open source: the software is free to use without time limits, and the vendor must build a business around it using services, support contracts, or enterprise features. It can be harder for an open source vendor to calibrate that free/paid value balance as well, particularly when SaaS offerings erode the value of service and support.

These models all have something in common: they allow the vendor to put basically the same software into multiple customer markets. The target market of customers willing to pay for the product is satisfied, while a broader market of potential customers is also satisfied at very low risk. The vendor can easily striate further by offering a “super pro” version for even more money, limiting complex features to the customers who need them.

It’s a great option that costs even less when starting off from a SaaS base. That said, alternate consumption models can also be overly complicated when you’re still trying to find product market fit. That struggle is particularly challenging for the open source vendors who start there on day one, with a default business model of linear-growth services that faces significant erosion risk.

Saturday, October 26, 2019

The Platform License Problem

In my other three posts about licensing, I discussed simple products. But what about platform companies?

A platform company sells two types of products: the platform, which enables everything else, and the use cases which rely on that platform to solve specific problems. The key to the platform company definition is that the solutions will not work without the platform; they are add-ons sold by the first party. You can’t buy the add-on without the platform.

This model is really exciting for vendor and customer because it means lots of different problems solved In the same way, with a single decision. There’s an interesting pricing challenge down this road though: the platform plus one add-on is less compelling than the platform plus many add-ons. Worse, the platform cost buoys the total price to a point higher than single purpose competitor products. Result? The land and expand rarely works out in first deal pricing, unless the customer cuts to the chase and buys more add-ons in the first deal.

Every platform company has this problem.  Bundles, bands, and hide-the-sausage are the only ways I know to resolve it, by encouraging multiple add-ons to be purchased in the land stage.

• Bundles: Either permanently or on promotion, sell several things together so the platform price isn’t so glaring. This doesn’t solve the single-purpose entry point problem, but it makes jumping straight to expansion more appetizing. See anything with “Suite” in the product name.
• Bands: Same thing with more complexity. See Microsoft’s Office365 price book.
• Hide-the-sausage: Spread the costs of the platform by making it “free” or “cheap” and increasing the cost of all the modules. Discourages customers from buying many solutions unless combined with bundling or banding to force a second discounting scheme in. See Google.
• Of course, hide-the-sausage can be reversed: charge once for the platform and then make all the add-ons free. Doing so reverses the incentives and encourages customers to download lots of add-ons, increasing support and development costs and decoupling financial signals from product development. This is a great way to cross the Bill Gates line: your apps are published as guidance, and your partners are encouraged to make the money that you’re not making on your platform. See Salesforce.

There is no best option, in my opinion. I will quote Clint Sharp’s comments on pricing model changes though: “a great way to initiate a denial of service attack against your PM team is to constantly start up new debates about pricing models.”

Licensing thoughts continued...

Saturday, October 5, 2019

Scripts for Adulting


  1. Hello, I’ve been admitted to the 2019 class and I have a question about my high school grades. Can you help? My reference number is #######. * Get the dates and account numbers together ahead of time.
  2. I’m going to get a bad grade in a class, or possibly a withdrawal. * Just the facts! They don’t care what happened.
  3. will this affect my acceptance to university?
  4. does it make a difference if I take the bad grade or the withdrawal?
  5. are there recommended steps I should take?
  6. what was your name? * In case you need to explain where you got advice later.
  7. thank you!


I’ve found that writing little scripts like that really helped my kids with their adulting conversations as they went through high school and into college. My daughter was very upset about the class, but it wasn’t relevant to her major so there was no point in discussing how or why the bad grade was happening.

Plan out what you’ve got to say, plot a path that your own emotional hot buttons, and gather the stuff that you can anticipate needing.

It’s a useful tool for managers as well. Tough conversations are part of the career. If you go in prepared, they are a little less tough.


  1. the company is making a change. * Just the facts.
  2. what’s the reasoning, quick outline of process. * Why is this happening.
  3. how does it impact this team. * Most positive spin possible.
  4. how does it impact you. * Simply your opinion of the reasoning and outcome, and how you came to accept that it was acceptable. If it’s not acceptable, save that for the separate communication where you announce your resignation.
  5. summarize: what’s happening, impact to this team, what should everyone do next.


If you’ve got lots of time to prepare, you might even think through some likely interactions, but that can backfire by helping you spiral back into emotional territory. The goal is to be able to communicate the facts and save your feelings for a different conversation.

Wednesday, August 28, 2019

Platform and Partners, Round Two

After reviewing this post on platforms and partnerships, there’s more to dig into. By definition, you can’t cross the Bill Gates line by yourself, but who should you be seeking partnership with? Developers who consult or consultants who develop? What tools should you build for them?

At the end of that article, I felt that free form coding was required. My reasoning is that the platform vendor cannot predict valuable use cases well enough to produce the toolkit that a consultant would need. This is not condemnation of the toolkit or the consultant. Rather, it is a recognition that high value jobs require deep linkage to the customer’s processes and data systems, meaning that they are complex and customer specific. This means you’ll need consulting service shops to achieve them, not development shops.

Consulting services partners only have linear contributions to your bottom line though. Managing and supporting them therefore needs to be a linear cost, and that implies keeping their toolkit minimalist and simple in nature.

The most elegant and efficient way to reach this state is to not provide a special toolkit to service partners at all; instead, partners work with the same toolkit that your own development teams use. Imagine a company in which every team’s functionality is available via service interfaces that designed to be eventually public. Such a company is not only using Conway’s Law for good, they are enabling partners by enabling themselves. This doesn’t eliminate partner-vendor squabbling, but it can keep the tenor focused on more easily resolved questions. It’s easier to answer “we want a bigger slice of these deals” (single variable, money) than “we want an easier and more flexible development toolkit” (what do easy and flexible even mean).

“APIs everywhere” as a partner service model also generates the maximum value for a development partner, who is now unconstrained. They may plugin to your stack anywhere and create value in any way. However, this is not an unalloyed good. Where many services partners are constrained to a single platform vendor (or at least a preferred vendor per use case), the development partner has a more flexible destiny. They are also more inclined to risk, since their business model rests on big upfront investments with uncertain but hopefully exponential rewards. If the platform vendor’s stack is completely open, a development vendor can easily subvert the vendor’s intention, and is far more likely to try it than a services partner. A few interesting examples: Elastic’s fight with AWS, AirBNB’s uneasy relationship with listing indexers, and Twitter’s on-again-off-again stance towards third parties. One might use an analogy: services partners for dependable, steady growth, development partners for high risk, potentially explosive growth. This can be a helpful model in deciding what vendors to support, but isn’t as helpful when deciding what toolkit to ship to them.

It’s worth picking apart the difference between technical support of a model and legal support of a model. Open APIs as a technical choice is a clearly beneficial system: internal and external teams are on the same footing, allowing maximal value to customers for minimal effort expenditure. The downsides of the model are in business risk. Remediation of that risk is a business problem, and the resolution is a partnership contract requirement and a technical enforcement via access keys. That’s obviously not an option for a fully open source system, but I can’t say I’d advise a fully open source approach to any platform business anyway.

Licensing models, self-service style

In my other two posts about licensing, I suggested that flat rate pricing is best for customers, but impossible in enterprise sales because of the variable and high costs of making a sale.

Those costs are difficult to understand if you haven’t been exposed before, but they are all too real. Weeks spent in negotiating a price are only the start; weeks spent in negotiating contract language are just a feature. What about indemnification? Can the vendor insure the customer against potential supply chain threats for the foreseeable future? It’s simply a matter of cost... and that insurance policy is now part of pricing.

What will happen to the deal if the vendor is purchased by another company? Can the customer audit the vendor’s source code? If the vendor goes insolvent, does the customer get to keep the source code? Yes, I have seen a customer organization running their own version of a formerly commercial product a decade after the vendor threw in the towel.

I was once involved in a contract between two industry titans that included a minimally disguised barter of services, and one of those services was sold to a third company as soon as the ink was dry. The cost to make and then keep that sale was... not small.

Even when it’s not titans you’re selling to... you can still be blocked on your ability to cross the competitive moat around enterprise software. If the thing you’re selling is close to the customer’s mission or has visibility across the customer’s entire org, they’re more likely to apply scrutiny and it’ll be harder to fudge compliance and legal details. The amount of blockage is directly tied to the amount of coverage or visibility your product will have for the customer. For instance, you might expect a gigantic financial customer to care greatly about indemnification, but they probably don’t for a specialist tool that gets quietly used by 25 people in the security ops center every now and then. Whereas if you’re selling something that sits in a mid-sized retailer’s cardholder data environment and manages the entire cashflow, they’ll probably care a lot more.

So as a vendor, there is a reasonable pressure to force your cost of sale down, and there is a clear goal: the almost zero cost clickwrap contract. Simply set your terms, disallow negotiation, and let the dollars roll in. It’s the ultimate expression of flat-rate pricing.

This is a fine approach for what I like to call lifestyle businesses: if you just need enough money for you and your cat to live happily, then sell away. The catch is that the most lucrative potential customers literally can’t buy from your business because of the potential risk. You’re probably good to go if your addressable market is consumers and your price fits on a credit card, but big business is off the table.

Wait! Singleton users and small teams buy in this model all the time! Expense report reimbursement is open to question, but no one cares if the price is low enough. A frustrated employee may just eat a few dollars for a productivity enhancing tool. The clickwrap model gets extremely blurry around personal computing appliances. I’m writing this in Bear on my iPhone, how is my employer to distinguish it from work I do with and for the company on the same device with the same app? (In my case, I use different editors for different roles.) Corporation and government legal departments try to draw a clear line, but IT struggles to implement that line and a clickwrap vendor is therefore always in danger of being pinched by changes in policy. Shadow IT is no place to make big money.

However, shadow IT does have some astounding success stories: Amazon Web Services is the obvious example, but Balsamiq, Basecamp, and Glitch (FKA Fog Creek) come to mind as well. If the official channels cannot support a use case and the need is great, then people will find a way.

Part four.