There is a typical model for growing technology companies once they pass their IPO milestones—a move towards quickly broadening the product base to derive additional revenue in order to keep the Wall Street analysts happy. Given there has been a dearth of tech IPOs lately—and that one of the ones that did get away, Twilio, is widely regarded as a tech success story—it is interesting to watch what the company rolls out in the short term.
We didn’t have to wait long. Twilio today announced a new enterprise plan that not only ticks the analyst boxes for potential increased revenue, but also ticks enterprise boxes for security and administration control.
The Twilio Enterprise Plan is an interesting move for a company that has always been very much a bottom-up vendor. Twilio’s heart lives with the developer community, and its market-entry models have always revolved around owning the hearts and minds of the developer set. This approach has seen it in good stead and grow into a highly successful company. But as Twilio begins to target enterprise customers, it starts to have conversations with enterprise IT leaders who, while liking Twilio's “arm the developers” story, also want to hear some messaging around governance, risk, compliance and other traditional, big-company IT issues.
The theory, as espoused by Twilio, is that enterprise developers have the same ambitions as their colleagues in startups: They want to operate with agility. But unlike most startups, enterprise developers are saddled by strict security, compliance and procurement requirements—all the stuff that isn’t related to core functionality per se but still central to enterprise adoption.
To this end, Twilio’s enterprise plan covers such enterprise needs as:
- Single Sign-On (SSO): SAML-based SSO is a simpler and more secure solution for IT departments managing employee access to Twilio. Employees benefit from a more convenient and consistent mechanism to log in to Twilio, while IT departments can use their existing identity management system to grant and revoke access and credentials.
- Customizable Role-Based Access Control (RBAC): The customizable RBAC included with the Twilio Enterprise Plan enables the creation of roles and permissions specific to a company’s use of Twilio. Additionally, Directory Service integration allows users and privileges to be synchronized via the existing tools that organizations use to manage permissions across all of their applications.
- Auditing: Fully managed changelog and a SIEM-capable API enable compliance personnel to stay informed of important security-sensitive actions, such as password updates. With auditing capabilities, Twilio Enterprise Plan customers can track exactly what was changed, at what time and who performed the change.
- Public Key Client Validation: With Public Key Client Validation, Twilio Enterprise customers can upload their server’s public key to Twilio. This public key is used to validate that every REST API request comes from an approved business application, further safeguarding against service disruption or fraudulent activity.
- Segmented Billing and Usage: The Twilio Enterprise Plan includes an account segmentation capability that allows usage and billing data to be structured in a way that maps to a business's organizational makeup. These features simplify monitoring by separating logs, and they help finance teams accurately attribute expenses on a business unit level without the need for intercompany reconciliation.
“Enterprises have to balance the desire to be more agile and innovative with the need for more stringent security and controls,” said Jeff Lawson, Twilio CEO and co-founder. “With the Twilio Enterprise Plan, enterprises are free to innovate at the speed of startups while ensuring compliance with their more rigorous policies. We can’t wait to see what they build.”
My POV
It’s always an interesting balancing act when a company “grows up” and starts to act adult-like. Twilio’s traditional user and fan base has consisted of developers who often see these sort of enterprise features and requirements as barriers rather than enablers.
As such, it was always going to be interesting to see how Twilio navigated the path to enterprise readiness. That said, Lawson has, over time, shown he has a good ability to articulate a story that resonates at both ends of the continuum.
These features are core requirements for enterprises, and the rollout of these, along with the certainty that comes with being a list company, should help Twilio on to further growth.