October 13, 2022
Illustration: Christopher T. Fong/Protocol
Good morning! Independent software vendors face tradeoffs when trying to tap into the vast customer bases of the industry’s biggest names. And it’s becoming much trickier to navigate.
Microsoft's enterprise app store power play
Over its 47-year history, Microsoft has long been known for employing subtle business practices to ice out competitors by preferencing its own products and services. Some of those practices have even come under fire for being anticompetitive.
Microsoft's commercial marketplace strategy hasn't received much scrutiny though, Protocol's Aisha Counts and Joe Williams write. That marketplace strategy is exemplified by AppSource and Azure Marketplace, where third-party developers can build and sell applications across Dynamics 365, Microsoft 365, Power Platform, and Azure.
The benefits are complicated for independent software vendors. While enterprise app stores enable third-party developers to monetize their products and reach new customers, rigorous listing requirements and mismatched incentives can make the experience tricky.
These partnerships solidify Microsoft’s market dominance. As more companies move their operations to infrastructure cloud services, Microsoft and other cloud platforms become the primary distribution channel for third-party companies that build products around those services. And the imbalance of power between the cloud giants and independent software vendors will only grow.
Read more:How Microsoft uses its enterprise software app store to center its power
The Small Business Administration is considering lifting a decades-old moratorium on who can lend its government-backed loans. It could open up a big opportunity for fintech lenders, Protocol's Ryan Deffenbaugh writes.
Under a proposed rule change, nonbanks (fintechs included) could obtain licenses to lend through the SBA's largest loan program.
It's good news for people in underserved communities. The loans are designed to help business owners who can’t get other types of financing, but data shows disparities in who receives the loans based on race and income. The changes could help address that.
It’s also good news for fintechs. "The fintech industry is often serving minority-owned, low- to moderate-income, and the smallest of small businesses," said Ryan Metcalf, head of public policy and social impact at Funding Circle.
If the rule change is approved, fintechs will need to weigh whether the compliance costs are worth the benefits. But high demand from both small businesses and investors may just drive them to it.
Read more: More equitable lending could be a big opportunity for fintechs
There’s no let-up in the surge of cyberattacks against businesses. But shutting down the hackers will require many enterprises to evolve their strategy. Presented by At-Bay.
For those still harboring doubts about the momentum in identity security after reading our special report last week, here's another piece of evidence: ForgeRock announced a deal to get acquired by Thoma Bravo for $2.3 billion, at a 53% share price premium. Protocol's Kyle Alspach spoke with ForgeRock CEO Fran Rosch before the deal was announced, but his answers shed some light on why Thoma Bravo may have thought the deal was a good idea.
When identity is done right, how much can that improve an enterprise's security?
I think substantially. I think the trick is, how do you continue to improve that security without becoming like Fort Knox, where you're so locked down that your users can't do anything? So we're really trying to help our customers do both — improve that security posture, but also make things more user-friendly.
What's an example of how you’re doing that with ForgeRock?
We released a tool several years ago called autonomous identity, or self-driving identity, that can take algorithms [and run them] across a customer's data set. And the anomalies really jump out. It's good for a one-time cleanup of any risky entitlements. But it could also be used if a new employee starts, or an existing employee requests access to a new set of applications or information. If that request makes sense, and it's aligned with [their role], it can give them instant access — no human intervention required.
What does the future look like for identity security?
I think ultimately, users are going to demand better, more frictionless experiences, without compromising on security. I think the ultimate winners in this [space] are ones who can bring more intelligence, by collecting signals behind the scenes of user and device behavior.
After Google Cloud’s Next ‘22 event on Tuesday, it was Microsoft’s turn in the spotlight Wednesday, with the first day of its Ignite event. Here are a few areas from CEO Satya Nadella’s keynote speech that stood out to Protocol's Kyle Alspach and Donna Goodison.
In cybersecurity, Microsoft made a handful of product announcementsincluding across code and cloud security, identity governance, and security operations.
GitHub Copilot is already writing 40% of the code for users of the AI pair programming tool, which turns natural-language prompts into suggested code, according to Nadella.
Read more: For a deeper dive, check out our Enterprise newsletter
FTX’s Sam-Bankman Fried said crypto needs a core regulator:
And Coinbase Institute's Hermine Wong doesn’t think regulators have the time to research and develop expertise in crypto:
MIT Energy Initiative’s Howard Herzog said $100 per ton to pull carbon from the air — which everyone agrees would make carbon capture feasible at scale — is “a fantasy”:
Vista Equity Partners is buying KnowBe4, a software security company, for $4.6 billion, or $24.90 per share.
Some shuffling around at Red Hat: Carolyn Nash is Red Hat’s new SVP and COO; Robert Leibrock was named SVP and CFO; and Jim Palermo was named VP and CIO. Both Leibrock and Palermo will report to Nash.
Eileen Evans is SunPower’s new chief legal officer. Evans is a former senior attorney at HP.
Alexandru Voica is leaving Meta as head of innovation communications for EMEA. Voica had been with the company for a little over four years.
In the last few years, the roles of privacy and security executives — and the budgets they control — have grown significantly as organizations have worked to stymie the growing threat of cyberattacks and navigate the ever-changing landscape of data regulation.
In this event we will explore how the chief privacy and chief information security officer roles will evolve and how each can support the other best when the company needs it most. Join us 11 a.m. PT Oct. 27. RSVP here.
Saleseforce laid off at least 90 people and has implemented a hiring freeze through January.
U.S. chip suppliers are pulling staff outof China’s leading chip maker, Yangtze Memory Technologies, as they look at the potential impact of the Commerce Department’s chip curbs. Also: Samsung was granted an exemption from the U.S. chip restrictions on China, the WSJ reports.
The FCC intends to ban "all sales of new Huawei and ZTE telecommunications devices in the U.S." over national security concerns, according to Axios.
Roku launched its own smart home devices. It partnered with Wyze Labs to sell items like security cameras, smart plugs, and smart lights.
TikTok plans to build fulfillment centers in the U.S., Axios reported. Job postings on LinkedIn show that it’s looking to create an “international e-commerce fulfillment system.”
Crypto.com is setting up shop in Paris. The crypto exchange chose the city as its European regional headquarters and will invest over $145 million in France to support operations there.
ByteDance plans to expand its music streaming business globally, according the WSJ. It's currently available in Brazil, India, and Indonesia.
Microsoft’s version of Canva just came out. It’s called Designer and will be available as part of Office productivity software subscriptions.
Google approved Truth Social for distribution on the Play Store. The app submission was banned in August because of various policy violations, which Truth Social has reportedly fixed.
So long, Office: The Microsoft software suite is being rebranded as 365.
Want to hear something terrifying? Listen (or don’t) to this interview between a fake, AI version of Joe Rogan and a fake, AI version of Steve Jobs. A voice synthesis company based in Dubai created the episode as part of a fictional podcast series called “Podcast.ai.”
“Jobs” touches on various topics, including Apple’s competitors and revolutionary products, which the podcast accomplishes by synthesizing large samples of Jobs’s voice from past appearances. And aside from a few choppy bits, it’s hard to believe the interview is actually fake.
With the amount of our economy now dependent on technology, the lack of government regulation is resulting in major risk to companies, and in the end, our own citizens. In the absence of government action, insurance steps in.
Thoughts, questions, tips? Send them to firstname.lastname@example.org, or our tips line, email@example.com. Enjoy your day, see you tomorrow.