"When it comes to internal product management, right? Internal technology management. You can't just think about how can I give users everything? How can I give users everything in a secure and cost efficient way?"

Intro:
Welcome to the Agile Digital Transformation podcast, where we explore different aspects of digital transformation and digital experience with your host, Tim Butara, content and community manager at Agiledrop.

Tim Butara: Hello everyone. Thanks for tuning in. I'm joined today by Andrej Safundzic, CEO and co-founder of Lumos, an advanced SaaS management and identity governance platform. The topic of our conversation today will be the APPocalypse, as in app-ocalypse. And we'll be talking about how businesses on the one hand, as well as individuals on the other hand, can manage or navigate this overabundance of available applications and available technologies.

So, Andrej, welcome to the podcast. It's really great having you here with us. Want to add anything before we dive into the conversation? 

Andrej Safundzic: No, I'm excited. I'm excited to talk about this new world of the app economy, the app-ocalypse. I'm so excited to kind of, you know, just chat about that. Thanks for inviting.

Tim Butara: Awesome. And I'm, you know, I'm a linguist by profession and I love wordplay. So like, just, you know, managing the app-ocalypse. I love the title already. So let's actually start with that. So what is the app-ocalypse? 

Andrej Safundzic: You know, there have been three stages in this digital world, right? The first world were on premise, right? So think about back in the time when you kind of, you know, deployed Oracle, or when you deployed, like, you know, still people deploy SAP and Oracle, but back in the time, that was the only thing that people used. Right. 

And the company usually had four or five applications, Oracle, you know, SAP, IBM, and they did everything with those applications, right, from HR to CRM systems to anything that business critical, they use those applications for, right. So that was stage one. That was roughly in the, I would say, you know, 1990s, early 2000s. Right? 

Starting from 2005, we went into the world of cloud, right? Which is still not the app-ocalypse. So what the world of cloud means is like, you know, Salesforce became bigger than, Atlassian was founded, right, office 365 came out. 

So more and more stuff wasn't, you know, used on prem anymore, but in the cloud. Right, which came with all those benefits, right? Before, you had to kind of have, you know, floppy disks or whatsoever that you kind of deployed on every freaking computer. And now everyone could just access anything from the internet.

So then, we started using a couple of more applications. We started, you know, at the beginning with four or five applications. Now we have around 20, 25, right? Everything was more digitized. 

Then the newest stage, which was starting around 2015 onwards, was the consumerization of the internet. So what does the consumerization of the internet mean?

2008, we had the consumerization of the internet in the consumer world. iPhone came out, the App Store came out, right? They were just able to download anything, you know, with a single click. Netflix and all, you know, your healthcare app, anything as a consumer I could download. 

To the enterprise, it came a little later starting with Dropbox, starting with companies like, you know, Datadog. You know, suddenly I could just go to the internet, click sign up for free, and start using it. 

So, previously to wrap it up, IT was the main person that distributed applications. Now the individual employee could just sign up for something and start using it. That led to the app-pocalypse, right?

What that means, it's actually a good thing because people were able to use all those sorts of cool apps, you know just online. You were able to use GitHub, you know for version control you were able to use, you know Datadog for you know, cloud monitoring you were able to use Dropbox for file sharing, you're able to use, you know Airtable, you know, for, you know, online database management, right?

But the problem was, is that IT didn't kind of, you know, manage that anymore. I, as an end user, was managing it, right? 

And so what happened in the end is, with the app-ocalypse, is that there are now 650 applications, 650, used in a company. And that's kind of a big, you know, that made the complexity of the tools that you're using in a company, 10x-ed it, which came with all, you know, benefits and all the challenges.

Tim Butara: Yeah, I was just going to ask about that. I'm guessing that this overabundance of apps has both positive aspects as well as negative aspects in terms of the impact, both on the businesses and individuals, like individual employees.

Andrej Safundzic: Yeah, exactly. I mean the benefits are very clear. Innovation is a benefit. You can just start, you know, using new tools, right, to try something out. In the end, you know, just like 70 years ago, not even, 50 years ago, we were still in the world of atoms. Peter Thiel called it the world of atoms, which meant we created cars with screwdrivers or machines. Right? And only recently, if you think about it, we moved to the world of bits. 

Before, since the 18th century, you know, 1750 or so, when the steam engine came out, we started this kind of new world of atoms, where we had machinery to build all those amazing things. And that lasted over 200 years. 

And then now, only in the last 30 years or so, or 40, we moved to the world of bits. Right. The world of bits is like the digital world. 

And so while we used in the past screwdrivers, right, or machines at a bigger scale. Now that machinery that we're using are our, you know, our digital applications. 

And the benefit is that, you know, I have now 600 apps in a company and I can automate a bunch of, you know, busy work with a single click of a button. 

So that is the benefit, you know, more tools, more specialization. Your Iron Man suit. Imagine your machinery is your Iron Man suit. Your Iron Man suit just became more powerful with more kind of buttons and so on, right? 

If you think about an airplane. The airplane before had, when it just started, maybe two or three buttons. And now it has hundreds of buttons for more safety, for faster, you know, for better landing, for faster, you know, flying, right? But it comes with its complexity. Now you need to have a certified pilot, right, to manage all of that. 

And at the same time, you know, when we look at the digital world, I don't think we have a certified, you know, we're not as certified when it comes to flying in the digital world as we are in the analog world.

Tim Butara: So there's obviously this trade off between benefits and complexity. So, you know, you probably have to balance that very carefully. 

Andrej Safundzic: Exactly. I mean, the downsides are also clear. So they are kind of maybe four that I can mention. The first downside is, you know, for anyone that worked in a bigger company and needed access to something, let's say I want to have access to a database or I want to have access to a new application.

Usually it takes a day, two or three. Why? Because you create a ticket. Then, you know, an assistant administrator looks at the ticket, needs to ask for approvals, right? And it takes quite some time for you to get access. 

We just had a customer, you know, that talked with us and they said an engineer needs four weeks to be onboarded. Four weeks to get access to every tool. Right, which is a long time to just like stand around and not build and innovate. So that's one problem. But then there are three other problems more. That's the end user problem. 

But then there are three problems on the company side. Having 650 apps and thousands of licenses is a cost problem. Often people use the same apps multiple times. They use monday. com, Asana, Jira, ClickUp, right? And so they use often, because it's dispersed, many tools that are the same. 

And often you get a license, let's say you get an Adobe license to get a project done. And then you don't need it after two months, but you still keep the license. So the complexity in terms of cost management goes up. 

Usually people, you know, overspend on software up to 20 to 25% because they have too many apps that are redundant, and they have often licenses that aren't used. So that's problem number two, costs, right, for the business.

Problem number three is security. There have been a lot of hacks lately, right? And what happens usually is imagine you are an administrator in a company and you get compromised. Right? Now the admin is the hacker. And the hacker can do a lot of stuff with admin rights. 

So the problem is as you have more applications, you have more admins, and it's hard to kind of know who's the who is an admin, who isn't an admin. And so once you get compromised the blast radius, that's what they call it the radius of you know threat It's just increasing because of the complexity.

Think about like, just like, you know, 20 years ago, you had four applications or five or six. It was clear who was an admin and who was not, right. You have now 650 applications and it's not clear anymore. 

The last piece is compliance, right? So what you need to kind of have from a compliance perspective for ISO or SOC 2, you need to have an approval for every request to software logged somewhere, right? So if I want to have access, let's say to Salesforce, this needs to be locked somewhere, right? 

And when you have so many apps, people Slack each other, people I kind of ask via email, so it's this whole mess. Of your approval, you know logs are all over the place. 

So that's what the app-ocalypse comes with; end user pain, slow, costs more than you need in a company, security problems Once you get compromised you have too much access, and also compliance problems when the auditor asks you, show me all your approval logs, you have them all dispersed all over the place and that needs to be managed as well.

Tim Butara: How about silos and siloed data, right? If there's 650 apps that then it makes, I mean, it's highly likely that an important piece of data will not be available in all of the apps that it needs to be available in.

Andrej Safundzic: Exactly. That's a, one of the problems is that's why people, you know, the most obvious problem is like redundant applications, what we talked about. 

Imagine you have a project management tool, Asana, Monday, and Jira. So you have now three project management tools and all your projects are in three different, you know, applications. Which makes it very hard to what we call interoperate. Interoperability with more applications is pretty, pretty tough, right?

Having one integration between Salesforce and your marketing system, let's say HubSpot, simple. But now you have 30 sales tools and 30 marketing tools and, you know, creating all those interdependencies is hard.

That's why Snowflake, by the way, became such a successful company, right? Because it became your data warehouse where all the data from all the applications can be kind of, you know, stored.

And the other thing is silos also a problem because every department can now sign up for their own applications. So they don't talk with each other. They don't need to ask for help. Right. And that kind of leads kind of to inefficiencies across the company.

Tim Butara: For my next question, I'm interested in what product managers can teach entrepreneurs or just individuals in the context of helping them manage the apocalypse and navigate through it.

Andrej Safundzic: Yeah, I think, you know, if we look back to Toyota, right, think about it, let's go back to the world of atoms. Toyota, to build a car, doesn't even need to be Toyota. To build a car, you need 30,000 pieces. 30,000 pieces parts, right, to build a car. 

So did Toyota decrease the number of parts to build a car? No, they still need 30,000 cars, but they innovated in a way how you assemble the car. They brought something out called Kaizen, lean manufacturing, right? 

You know, build, measure, learn... actually, build, measure, learn that we know from the startup world actually started in the car world, Toyota invented it, more or less. So Toyota came up with a kind of interesting mechanism to kind of, you know, assemble pieces and this became the competitive differentiator. 

So what I believe in is that especially, you know, departments like finance, departments like IT, security, compliance, procurement, need to think about is, how can we become product managers, not for our external product, but for our internal products, right? 

We just think about external product management, but there's also some form of internal product management necessary, right? And if your tools act well, if you, you know, have a good system, basically your system, your digital system is your factory, more or less, right? 

And maybe you know it, you know, back in the days when the Soviet Union, you know, when the wall fell, right? Eastern companies were way behind because of the machinery, right? The Western companies had more machinery, more processes, and they were able to produce better goods and innovate more. 

At the same time, my question to you is, in a company, are you living, you know, in the Soviet Union or in the Western world when it comes to your digital machinery? How well are you managing your digital machinery, right? And that's something, you know, people need to think about, you know, internally.

Tim Butara: What about, if we're speaking internally in the company, what about the role of the culture and the people of a company in its attempt to navigate and manage the app-ocalypse?

Andrej Safundzic: Yeah, I think, you know, the answer is not, don't use tools, right? That's not the answer. In fact, you should use more tools because that keeps you up to date. You should innovate. You should try new things out, because great innovation is coming out, especially now with AI, all those amazing kind of, you know, tools are coming out and you need to be a quick adopter and a quick tester of those.

The question is what infrastructure are you building to disperse that, you know, technology quickly while keeping it safe and cost efficient.

And there's a term that I call self governance. So the goal is not to kind of control everything. Control everything that's coming in and coming out. The goal is, how to make it easy for each department to adopt tools fast. Right? And disperse it. 

So let me give you a concrete example. What if once a tool is tested and people say like, yeah, we need this across the company. What if you could just like, you know, add it to an internal app store where everyone can just like access it within two seconds. Right. And not wait on IT to disperse it.

So the question in terms of the culture is more about, it's similar to, I would say a government. Okay. So the cities are innovating, which are the teams. But now a city found innovation. How can you kind of disperse it across every city? A city cannot just talk with each city and say like use it, use it, use it, use it. They need a government who makes it simple for everyone to adopt it, right?

And so you need to build certain systems, so when you find great solutions, you know within the teams, you should make it simple to disperse, but as well on a big level, on a company wide level, you need to be able to track it. How much am I spending? Is it secure? Etc. 

So that's kind of you know, what I would think about how can you build like kind of a federal system in your company, where often the teams are already there, the cities that are innovating are already there, but this connecting layer is missing. 

So what I believe in is that, you know, IT teams, finance teams, procurement teams need to do the same as DevOps.

DevOps came up just 10 years ago or 15, right? Where DevOps makes it simple for every engineer to innovate because they abstract the infrastructure out. 

At the same time, we need a new position called TechOps. technology operations, where it makes it very simple to adopt any type of technology in a simple way.

Tim Butara: Oh, a lot of really great points here, Andrej, but just before we wrap things up and kind of wound the conversation down, there's one more thing that I really wanted to talk with you about, and that is the importance of incorporating risk into your strategizing. Why is this so important to successfully manage the app-ocalypse? 

Andrej Safundzic: Yeah, I mean, like, honestly, two years ago, it didn't seem important, right? Companies were just growing and growing and growing and growing and growing, right? 

2023, it was not any more growth at all costs. It was almost like growth at no cost. It was like, prove it... in fact, even like public markets, you know, show that growth matters if it's efficient, if risks are reduced.

So both to run a successful business, you need to grow and be efficient, at the same time. So how can you grow and be efficient at the same time? It's kind of very contradictory sometimes. So I'll talk about this later, that's why self governance is important. 

But when it comes to internal product management, right internal technology management, you can't just think about, how can I give users everything? How can I give users everything in a secure and cost efficient way? 

So, what that means, for example, is if I disperse a new technology, let's say you just got like a new tool on board, like Miro like a whiteboarding tool, and you want everyone to use it. But if you give it to everyone and someone doesn't use it, why don't you just remove the license from the person? Because they don't need it. Why are you paying for it? Right? 

Or, on a security side what often happens in, with engineers is they get all the access. Suddenly everyone has admin access in AWS and can kind of change databases, can change customer data, et cetera. Now, if a compromise happens, or if you have a disgruntled employee, suddenly bad things happen.

Suddenly, you know, the customer says like, wow, you know, a hack happens and customer data is exposed, et cetera. 

So both on a cost side and on a security side, you need to kind of take care, you know, off both your finance funding and both of your customer data, and make sure that you fight the app-ocalypse in an efficient and secure way.

Tim Butara: And those were some great notes and great tips to finish on this great conversation, Andrej, just before we jump off the call, if listeners would like to connect with you or learn more about Lumos, where can they do that?

Andrej Safundzic: Yes, of course. So they can just like, you know, look me up on LinkedIn. I respond to every message. It's Andrej Safundzic on LinkedIn, or you can just like email me. It's andrej@lumos.com . And I'm excited to kind of get your feedback and talk about the app-ocalypse. 

Tim Butara: Awesome. Well, it's been great discussing the app-ocalypse with you today, Andrej, and we'll add everything into the show notes for the episode so that anybody else who wants to discuss things with you in the same context has a free, very accessible way to do so. And yeah, thanks again for joining us today.

Andrej Safundzic: Thank you so much. 

Tim Butara: And to our listeners, that's all for this episode. Have a great day, everyone, and stay safe.

Outro:
Thanks for tuning in. If you'd like to check out our other episodes, you can find all of them at agiledrop.com/podcast, as well as on all the most popular podcasting platforms. Make sure to subscribe so you don't miss any new episodes, and don't forget to share the podcast with your friends and colleagues.