The New Privacy Paradigm - Anshu Sharma

Anshu Sharma is the co-founder and CEO of Skyflow, a privacy focused API platform. He also co-founded Suki AI for health and Clearedin where he serves as an Executive Chaiman. Prior to starting Skyflow, Anshu had a successful career as an exec at Oracle and Salesforce.  He also served as a venture partner at Storm Ventures where he invested in many successful companies including Nutanix, Workato, Algolia, RedLock and others. 

(This is summarized sections of conversation with Anshu on our pod. You can hear the podcast here)

6:32   Beginner's Mindset - You don't want to basically adopt somebody else's religion. What you want to do is ask- First principles questions. Who am I trying to serve today? And what does my journey look like if I want to dominate this market?

10:47 Challenges that privacy represents for an average person- Privacy is about companies honoring your privacy while still delivering the service that you have an expectation for.

15:58 Govt. role in creating privacy laws- good regulations should be minimal and transparent. The objective should be to create the least amount of burden via correcting for problems that cannot be solved by the individual.

21:32 Human Resources- These are deep networks built on trust. We didn't even raise Seed capital because the founding team was interested in solving this problem and working with each other. Today, the location of the employee is immaterial.

48:27 Follow your passion- the bigger answer there is who do you spend your time with? This will probably determine the answer to that question.

Listen to the episode on Apple Podcasts, Spotify, Google Podcasts, or on your favourite podcast platform.

Detailed transcript :

Anshu: If you can't give yourself that permission, go to that one person you think is going to say yes, go for it. Don't go down to the people who are going to say, well, here are the 17 ways this can fail. Because if that was true, Salesforce wouldn't exist and Tesla wouldn't exist and definitely this COVID-19 vaccine would never exist.   

 

Introduction

Neelima: Hello everyone, welcome to another episode of Zero to Exit. This is Neelima and Ankur, your hosts. Today, we are excited to host Anshu Sharma, Co-founder and CEO of Skyflow, a privacy focused API platform. Prior to starting Skyflow, Anshu had a successful career as an exec at Oracle and Salesforce. Salesforce grew 300% during his five-year stint as a leader of the core platform. He then took a quick detour from his product building passion and became a VC at Storm Ventures where he invested in successful companies like Nutanix, Workato, Algolia, RedLock and others. He also co-founded Suki AI for health and Clearedin  which is in the cybersecurity space.

Anshu has got the Midas touch when it comes to building and investing in market leading products. If you are an entrepreneur and product builder and want to know how to take a multidisciplinary approach to product building, you don't want to miss this episode.

 

Interview

Hello Anshu. Welcome to our show.

Anshu: Well, thank you Neelima. I don't know if I have the Midas touch or not but I'm really happy to be on this podcast and happy to answer your questions.

Neelima: First of all, congrats on raising Series A for Skyflow. How does that feel?

Anshu: Well, capital is really hard to raise these days. So I'm very delighted that we've been able to raise capital. No, I'm joking.

Neelima: Absolutely before we talk about privacy and Skyflow, you've had successful stints at Oracle and Salesforce. How did your experience at these companies shape your view on product and company building?

Anshu: So I think both Oracle and Salesforce are prime examples of companies that combined building market-leading products with the ability to market and sell them. I think a lot of companies are good at one of the two things but very few companies are great at building market-leading products and then figuring out how to actually capitalize on that. So oftentimes, you see companies building a great product but then they let the market run away from them over the next few years or you see companies getting an early lead because they're first to get there but it's not really a market leading product in any sense. 

Neelima: And do you think the company cultures in either of the companies kind of attributed a lot to that.

Anshu: Yeah. So I think both companies had some things that worked and which are common but there were a lot of things that Marc did very differently than what he learned at Oracle It's like any of us, we learn the best of what we observed in our early careers and then tried to double down on that and hopefully change the things that we thought were needed to be fixed. So I think in the case of MarcBenioff, he clearly understood the value of sales and marketing, but I think he also learned the value of having a, maybe a more egalitarian culture, probably the value of a newer architecture and things like that which he was able to capitalize on to build Salesforce.

Neelima: Any stories around that you can tell us if at Oracle or Salesforce.

Anshu: There are a lot of Mike Benioff stories.  So I think one thing, MarcBenioff does really, really well is he's able to see the trends happening in front of him better than most people and when he sees those trends even if he's not the one to come up with them, he's able to capitalize and jump on them much faster than most companies. I think this ability to evolve your product and marketing strategy in response to what's happening in the market is I think somewhat unique to both Marcand to some degree to Larry. So an example of this would be between 2008 and 2015, at some point, software service was basically where all the action was and somewhere along the way Amazon web services and other cloud companies started emerging and growing maybe even faster, especially when Microsoft and others joined the cloud race. And so Marc did this jujitsu move, where he basically stopped talking about Salesforce as a SAS company and started talking about it as a cloud company. Now, if you think in very technical terms, it's probably not even accurate, right? Because, software service typically refers to applications, software and platforms. Cloud computing typically refers to infrastructure but he realised the fact that the market was looking for cloud now, whatever that means and it's easier to frame your product in the context of what the market is looking for. A pure technologist or someone who's a literalist would probably say no, we are not a cloud company. We are a SAS company, or we're not even a SAS company, we are a PAS company. So I think being able to not get too attached to what you think you're doing but sort of surf the wave as it comes to you, I think is somewhat unique to Mark. And Larry has done that in the past. I'm not sure as much of that is happening today as it used to happen in say nineties but I think these are similar traits, right? 

Ankur: I promise this is the last question on Salesforce otherwise we can talk about your experience there for the rest of the pod. But one of the questions that have fascinated our listeners is kind of this go- to market with Slack acquisition, more bottoms up, groundswell, but Salesforce sort of has incredible salesforce, obviously Marc came from Oracle. In your experience of five years and even now, how has that experience shaped your view on go- to market? Is it-get the mid-market customers bottoms up but then you need a massive Salesforce to penetrate your large accounts. How do you or what's your perspective on the  go-to market area if you're building a SAS product.

Anshu: Yeah, I think that's a good question. A lot of people like to sell to a certain class of customers. We all have our DNA and natural abilities for example I would probably have a hard time selling to prosumers that are tech laggards living in certain parts of the world because I don't understand and empathize with them.

If you grew up in classic enterprise software companies like Oracle and SAP's of the world, you know how to talk to the CIOs of companies like Alcoa and Coca-Cola but I think this is again where the genius of Marc shows up. When he   started Salesforce, his natural place of benefit or his competitive advantage would have been to actually call up the CIO of Alcoa and say- Hey, I build the CRM thing and why don't you start adopting my product? In fact, he did the opposite. When companies of bigger size would call him up and say- Hey, you know, I would love to have Salesforce, except I want it to be on premise. He would say no. And in fact, he built the company bottoms up because he saw that there was an unreserved opportunity in the SMB category. And he frankly spent many, many years serving that market extremely well and attacking Seibel from the bottom up. So people then look at that sometimes and say- Hey, maybe all software service has to be bottom up and Marc did it that way. 

The way I interpret it is- what you want to truly have is what I call the beginner's mindset. So, when I started Clearedin which is a collaboration security company, we started mid-market first. Because we realized that many companies in that segment have email and Slack and zoom. They are the early adopters. And if we can meet the needs of those companies then when I go to the AIG's of the world, they will eventually have these broader collaboration security needs. But three years ago, all the big companies cared about was email security, for example. 

So if you're building a product where you have a vision that you think is going to go from mid-market to the high end, then you're making a bet. And as you rightly point out, even Slack started there. Slack started with very small teams, selling to startups and growing bigger. So if you're starting a company like Clearedin, then you want to not ask, what would Marc Benioff do in his situation? You want to ask the question, what would Marc do in your situation? 

So at the same time when we started Skyflow, we knew that when it comes to data security, there's a different class of customers that care about it. And even within those customers, there's a class of customers that we wanted to start with and focus. So having this ability to think from first principles, having a beginner's mindset and not getting caught up in- Hey, Aneel Bhusri started Workday by working with the largest companies and Marc started with the smallest companies. And these are just all religions at the end of the day. You don't want to basically adopt somebody else's religion. What you want to do is ask- First principles questions. Who am I trying to serve today? And what does my journey look like if I want to dominate this market?

Ankur: Love that response. One of the things  you talked about as you were talking about Salesforce was Marc saw the SAS journey then saw the cloud trend. One of the trends that you're seeing now is everything is about privacy. There was a recent change in the privacy policy at WhatsApp and how Facebook is going to start collecting the data. Before we get into what you guys do at Skyflow, tell us about your perspective in general on privacy trends both in the consumer context and also in B2B. What are some of the things that the average person still doesn't understand about the challenge that privacy represents or lack thereof. 


Challenges that privacy represents for an average person

Anshu: Yeah, so I think privacy is one of those things that's in some ways hard to define. We willingly go on Twitter and Facebook and share our opinions. We exchange messages with our friends, three of us are on a podcast right now. We're pinning freely. And then there is like I'm booking a trip to go visit my parents in India.

So when I'm thinking about data security and data privacy all of these have contextually different meanings. And a lot of people think of these questions as black and white. Recently, the US govt. tried to ban TikTok  over talk for privacy concerns. I'm sure there's some argument in the corner case to be made but if you're putting together a dance video that you want millions of people to watch. I'm not entirely sure there's an expectation of privacy in any shape or form, especially when all you have to do is create a fake username handle. So to argue that it is somehow fundamentally a breach of privacy is somewhat amusing to me. 

However, when I am conducting a financial transaction on the internet, I want something that behaves like Apple pay. I want to be able to make a payment. I frankly don't even want the vendor to know my credit card number unless I want them to use it again. I don't want them to even necessarily know my address.

In fact, the vision we have for the kind of society we think we can create with technology like Skyflow one day is if you think about it when you're buying, let's say you're buying a toy for your kid or your dog, you happen to be buying it from somewhere in Germany or China. It needs to be shipped to your house. You need to be able to have a credit card number given to this shop online. And you obviously need them to come to your home to deliver it. They need your phone number in case you need customer service help. So it feels like at that point, you should be giving over all your information and in exchange have no expectation of privacy, but it's not really true. 

In fact, the insight we had at Skyflow was you can actually achieve that entire transaction with different entities knowing different parts of the information. So the person or the factory that's manufacturing your toy in China or Germany doesn't really need the address. The address needs to be known by FedEx or UPS or whoever is actually delivering the product to you. The call center that the factory has, let's say that's in the Philippines or India or in Arizona, they need to be able to talk to you but they don't really necessarily even need your phone number other than to validate you. And even the phone call actually can be made anonymously, like sometimes how an Uber driver shows up. But to do all of that correctly, you need to have a mindset of what we call -need to know architecture. Think about how spy agencies like the CIA works. A team of 15, 20, sometimes hundreds of people can work on a coordinated project and each individual in that structure only needs to have the information that they need to know. So our view of the world is that sometimes intuitively it may feel like when you're buying something on the internet and you want to be serviced and the goods need to be delivered, that you should be able to give over your information.

The beauty of technology and portfolio architecture is actually, you can achieve that end to end transaction with very little information going to the wrong hands. And to me, that's what privacy is all about. Privacy is about companies honoring your privacy while still delivering the service that you have an expectation for.

And the false perception that keeps getting created sometimes by interested parties is- Oh, in order to do X, I need all this information. I mean, we've all experienced as you go, you're going to a shoe store and they say- Hey, if you want a 15% discount then you have to not only tell me your shoe size but also your date of birth and this and that. And frankly, none of that is relevant. You don't need my social security number to give me a discount on my shoe. But the perception is created because there's a market for data. And a lot of these people, either thoughtlessly are collecting data and they were told by some consultant in some management course, that data is the new oil. So you collect it. Or they are actually greedy or have nefarious designs where they want to collect the data because they can make an extra buck or two. 

And our view is that if Skyflow succeeds, that relationship becomes more trusted because we can break that transaction into multiple different aspects and take care of data ability to deliver service while you're able to protect your privacy.

Ankur: Well articulated. I haven't heard anybody articulate privacy the way you have. One of the questions I was going to ask you is what's your thought on governments addressing privacy issues with GDPR and CCPA versus markets and consumers dictating the future of privacy through organic innovation through their dollars and through their wallets. Do you think governments actually have a role to play or actually they're being innovation killers in that process?

Anshu: So I think governments are people too. Then on the day, different governments have different actors with different objectives. If you look at what's happening in terms of regulatory developments, some countries are simply using noise around security and privacy to essentially say we don't want multinational companies to operate at a level playing field in my country so I can create artificial boundaries and if I did that 10 years ago, there might be a lawsuit in the WTO, arguing that you creating boundaries that are not allowed. 

But if I use the flag of security and privacy, maybe I can justify it. At the same time, just like climate change and other issues oftentimes an individual cannot by their sheer will solve problems that have externalities. So just like if you are driving a gas guzzling car and the car manufacturers are producing Gas guzzling cars, someone has to step in and say- Hey, given the system we have and if it has zero cost to carbon, then nothing will change. So we need to create a cost to carbon. Right? Similarly, if there is zero cost to you violating my privacy and selling my data to other companies or even bad actors then the market optimal thing there to happen is what's emerged. Oftentimes which is- Hey, if I can make an extra buck trading your data and maybe serving ads that are 3% more accurate for you, I'm going to go ahead and do that. So I think there is a role for the government to play. I think it however creates opportunities for people to lobby the government and try to create rules that may favor them. And I think good regulation should be minimal. It should be transparent. And objective should be to create the least amount of burden via correcting for problems that cannot be solved by the individual. So the perfect example here is we've all experienced spam calls that we used to get on our phone calls and saying that individuals and companies will figure that out never worked because if it's zero cost for me to text, send you text messages and call you and you have no recourse other than taking me to court which obviously doesn't make sense. If someone calls you three times, they're not going to find a lawsuit so it creates a problem. So in those circumstances, you either need a “do not call list” or you need collective action and bargaining. And I think in those circumstances, something like a “do not call list” makes sense. In fact a friend of mine, Tom Kemp, who was the CEO of Centrify, recently was involved in framing regulations and a proposition that passed in California, which moves privacy laws in that direction. He's advocating that maybe we should have a mechanism for citizens to be able to establish their preferences which can then be applied across applications and websites. So I think thoughtful minimal regulation is a step in the right direction. Even the likes of Facebook and Apple and Google have come out and said they want now regulation that actually is thoughtfully enforced. So I think I'm supportive of those regulations but using regulatory environment to stifle competition or helping big companies compete more effectively with smaller vice versa should not be the goal of any regulations.

Neelima: Well articulated Anshu. I do have a very basic question before we go to SkyFlow again which is who ends up paying for privacy in this bigger scheme of things. Are laws driving towards that? And basically in that scenario also, Securing privacy versus sharing privacy data. There is a different monetary chain in either of the scenarios, or do you think they're all related and all the same problem?

Anshu: I think there will be a cost to it but again comparing it to climate change, there is an invisible cost that we are paying today. You can pretty much go by most people's email address, social security number and phone number today on the dark web. How much is that costing us? Not just emotionally but also literally in dollars, there are people, systems getting attacked; in fact, all these phishing attacks, how do the phishing attacks even start? They start out by somebody finding out your email address and then being clever about it. And so then companies have to go out and buy products like Clearedin to basically enforce that. So we're all paying a tax for lack of data security and privacy today. The only thing today is the cost is being borne not by the people who are leaking your data, but actually by people who are trying to do the right thing. And so I think we have to basically shift the burden to those who are actually doing the wrong things rather than people who are trying to do the right thing. So that's one part of the answer. 

The second part of the question is around data sharing and data privacy. I think it comes back to the same question I was referring to earlier: that there is an impression that gets created that I need my data to be shared between two organizations to deliver a better product or service to me. But somehow that means that there has to be free exchange of data between them again. At Skyflow that's exactly we are out to prove is not true. There are newer technologies out there. We call it polymorphic encryption but there are basically multiple encryption schemes possible where I can actually service your product and goods. I can even do things like approve you for a credit loan application without even knowing who you are. 

You know computers are bad at a bunch of things compared to humans but some areas software and computers are amazing. One such category is zero knowledge proofs, right? So, no human being can tell you whether or not Neelima is credit worthy for a car, unless you tell that human being who Neelima is and what she does, et cetera, et cetera. But computationally that's not true. I can actually create a zero-knowledge system where without knowing who Neelima is and exactly where she lives, I can apply differential privacy. I can apply cryptography and I can  create an assertion that says the individual that has this token is now  authorized to purchase any good or service that costs between 40 and $60,000. You're pre-approved. When the token gets delivered to a service, they don't need to know how you got that token. They can actually decide to then give you a car or if you're looking to buy a piece of land or whatever it is. So we can have these multi-party transactions enabled through these cryptographic techniques and zero knowledge proofs that frankly is amazing because that means we can have trust without trust. So we can have trust list multi-party high-trust transactions happening. And in some ways that's the Holy grail, right. And that's what we're chasing with Skyflow and I think it's entirely possible.

In order to do that correctly however, we need to a) continue to make it embarrassing and high cost for companies to not do that. So, if companies can just share your entire profile and save $3 on it while issuing a hundred thousand dollar loan, they would rather do that. But if there's cost to it and it's technically still feasible to service your loan requirement then they'll go ahead and do that.

So I think I'm an optimist in the long run. So in the direction we're moving towards is that more and more things will feel like a service like Apple Pay feels like. Which is you can generate multiple credit card tokens. They don't really need to know even your number. You can even do things like anonymous, email addresses and phone numbers. We just have to make that technology available to everybody else. And so at Skyflow we often say- be like Apple. Essentially, we've pre-packaged some of these ideas. Made them available through a simple API and said - Hey look, you may be running a simple loan application system and may not have all the technology to behave like a responsible company but here it is. For a nominal fee, you can behave the same way a company like Apple would behave.

Ankur: Got it. So, you hit upon this clear opportunity with privacy. And I absolutely think it's going to dictate one of the top 10 trends over the next decade. So I hundred percent agree with you, but you hit up this idea while you're sitting in your cushy VC chair, having invested in successful companies. You could have invested in a couple of dozen privacy related companies. Why did you invite so much pain and started Skyflow ?

Anshu: Yeah. So I think there's obviously more than one reason to start a company. In my particular case ever since I was a kid, I looked up to people who built things, so I admired people like Bill Gates and Marc Benioff who I got to spend time with. And I always thought it'd be great if you can try and solve a problem and build a company where you would be proud of the culture and the product you're building. So for many years I would come up with ideas and see if one of them would be the one that I could commit myself to  and oftentimes you find ideas that are compelling to you but the market is not right or the market is too early or too late. In the case of Skyflow, it felt like it was a problem that at least three, four years ago, nobody was really paying attention to.  

As you know, there are dozens of companies that have been selling security technology, at what I call the protocol level. In fact, as you know, Skyflow is not the first security company I started. Clearedin was built on the same premise. My core belief is that security companies are fundamentally flawed because they're built to solve problems with protocols, one protocol at a time. And when we lived in a world which was very close to the infrastructure layer,  so if your problems are with FTP, I can secure FTP, if your problems are with TCP IP, I can secure TCP IP better and so on and so forth. That would be the equivalent to you trying to protect the power grid by protecting the transformer and the wires and stuff. And that it works great when you're in the early phases of any tech stack. But now we are 30 to 60 years later in the evolution of the technology industry. When we are recording this podcast, it's very hard for you to even know all the protocols that are at play. We are using zoom to look at each other, using Zencaster to record this thing. There's wifi being used in my house. There's TCP IP. There's UDP packets. There is no firewall since we are all working from home. So now how do you secure an environment like this? You cannot do this by saying I'm going to protect one protocol at a time. In fact, we three are very technically competent people and yet none of us have any idea whatsoever of the list of all the protocols and ports that are being used to deliver the service. So what's the solution? 

So from my perspective, the solution is to think in terms of trust between companies, between people. So with Clearedin we said- look, you're not going to be protecting SMTP anymore. In fact, when you send a Gmail from one account to another, it necessarily doesn't even go through SMTP because it's just a pointer to a shared file system. Right? In fact, when you send a file these days, it almost never goes through FTP. So protecting your network from FTP at the firewall is a completely meaningless form of data security. So, if you're going to build a next generation, data protection or security company, it has to start from what I call a business process and trust layer down. So in the case of things like communications, it's collaboration tools, it's email, it's zoom, it's Slack. We have to know, am I really talking to Ankur and Neelima or is someone faking this because they've used a fake email address and phone number to log into this call. All of that requires establishing a trust profile, a trust score, trust network.

And then of course there is application of that trust graph to various protocols, applications and layers underneath but it has to start at the top level. You have to start with who should we be doing business with and whom and at what time and who's not, and then enforcing it. So from my perspective, what's happened in the last 5 or 10 years is that an entire layer of tech stack has essentially been rendered invisible, not useless, but invisible. You know, my friend Dheeraj, former CEO of Nutanix says this all the time. He is like, if Nutanix succeeds or VMware succeeds, or these companies succeed, then cloud infrastructure becomes invisible. If you're a developer, you don't really need to know what operating system is running  on one machine. If you're a user, you really don't need to know whether something is running on a 5g network or your Wi-Fi or whatever it is. If the cloud renders the network storage and compute invisible, that means every security company built  around protecting secure compute and networking essentially becomes useless or becomes a legacy company. There's probably still a lot of money to be made in those layers but it's frankly legacy at that point. 

So, we moved to a different layer, what I call intercompany business processes, interpersonal communications. And we'll have to build a new set of companies. There has to be a new Palo Alto Network, a new Cisco, a new Oracle, a new Salesforce and you solve these problems by picking up one category at a time. So at Clearedin we're like- Hey, collaboration is an entirely new category. We didn't realize work from home was going to be big or we'll get COVID-19. But here we are and it's actually even accelerating the strain. Similarly with Skyflow, we just want our business applications to treat our data the way the world's best companies like Apple and Google treat your data. It's the companies that are tier two or companies that are running on legacy infrastructure that keep having data breaches. It's kind of funny that companies with the best and most data actually have fewer breaches. Then the hotel that you're booking. And the reason is because some of these leading companies have figured out certain patterns like zero trust computations and zero trust data infrastructure. So Skyflow is essentially a package view of building a zero trust data architecture. 

 

Human Resources

Neelima: Great response. So now switching a little bit from the company idea to running the company. You have an insane focus on hiring great early employees and you actually call them founding members on your website. How do you attract and retain top talent in a market like this?

Anshu: It's hard is the first part of the answer. It looks easy once you have made some success. I think when we started the company, finding co-founders and deciding to work with each other was hard. So Prakash and I knew each other from Salesforce days. He's done three or four startups before he's had acquisitions.

He was a CTO of a public company. Getting someone like that to be your co-founder doesn't happen because you pick up the phone and say-Hey Prakash, I'm thinking of attacking privacy. Do you want to change your lifestyle and go back to being a startup with like zero people? It happens because for the last six to eight years, every couple of years, I'd be like- Hey, I'm starting this company. You want to become a venture capitalist. What are you working on? So that's how you find your co-founder. And then your first three to five engineers, it's the same thing. Pradeep, our founding engineering lead has worked with Prakash for over 10 years. He and I were together at Salesforce, he was part of our founding team. His close friend, Roshmik was another key founding engineer. These are deep networks built on trust. And so we were able to hire these people early on before we raised a single dollar. We were literally working out of our homes and offices and did not rent a place for the first 6/9months.

We didn't even raise Seed capital because the founding team was interested in solving this problem and working with each other. It didn't really matter to us. If all those other things were not there and it's not something that just happens on its own. The next 10 or 20 people that came into the team were people who were betting on our vision and the early team. So everybody talks about this, if you have A team members, then it's easier to hire A and A+ people. In fact, things tend to get better with time because now you have momentum, you have a structure, you've raised some capital. So what I found is the quality of talent you're able to attract has actually gotten better over time, in the sense that we can close more people but it's fairly exceptional. All I can say is we've pretty much had less than 5% or 10% of the people reject our offers. Almost every engineer we hire has a job offer in hand from either Google, Facebook, Netflix. One of our recent hires had a job offer from all four of them. We don't obviously pay the highest salary and the guaranteed returns are obviously not there. At the end of the day for these people it's about- Hey, do you want to be part of an early team and hang out with people like us on a daily basis or do you want to have this guaranteed well-paying job? And I think we select for those people and luckily so far, some of them have chosen to come work for us.

Ankur: Where are the next thousand employees coming from assuming you get to that size and scale, which I'm sure you will within the context of obviously remote work and the recent what would appear if you were to believe in Twitter the mass exodus from Silicon Valley to Miami and Austin. Where are the next thousand coming from? What's your perspective on all this centralized/ decentralized team/ location/ geo. Have you exported Silicon Valley enough whereby it doesn't really matter now where you find the people from ? What's your take on that?

Anshu: I have not seen anybody running away to Miami for sure. Austin has been a great location for the last 20 years.

Ankur: I mean Keith Rabois and Sherwin have pretty much taken over my Twitter. So that's all I see nowadays. And now that pomp is gone so sorry. Yeah,  

Anshu: When I can have a private jet and a hundred million dollars in taxes by being bi-coastal, I will find that list but until that time I'm actually focused on just building products. You are not trying to build a great company. You are not  trying to prove a point. I'm not trying to prove I can build a company in Silicon Valley.

I'm not trying to prove that I can't build a company in Silicon Valley. A lot of these people when we started Skyflow and Clearedin were telling me that you can't have a successful company anywhere except South of Market. There was literally a small zone near Foursquare headquarters, which was the golden zone. And if you started a company there, you would be a unicorn in three years. And if you were outside, especially closer to South Bay and San Jose, somehow your company was going to be DOA. Now suddenly the same people think you can build your company everywhere. So, it's like the question we addressed earlier in this podcast around how do you decide whether you work with small customers, large customers. There is no answer that can be applied universally. If you're based in Toronto and you're Toby and you can hire the best people there, you build Shopify in Toronto, that's your competitive edge. If you're like me and you've been able to hire in Silicon Valley early on and one of your founding engineers happens to be on his journey back to India. You open a nerdy office in Bangalore and you hire the world's best engineers there. You take advantage of every small, competitive advantage you have. So it's not about thinking about what I should plan and scheme at a very high level. Those are the wrong lessons to take. So I'll give an example since you were asking me what Marc did early on. 

So, when Salesforce started. It happened to start in San Francisco in Marc's home, or adjacent to Marc's house in a small condo because Marc was comfortable there and he was able to hire these relatively young engineers like Harris and Dave Molinoff and others who were willing to start a company in San Francisco. They loved the city too. At the time nobody was building their Oracle, Cisco level companies there. All great companies were built in the South Bay. In fact, at that time, if you talk to people, they would say the closer you are to Cupertino or San Jose, the greater, the chances of success. And what did Marc do? What did we do at Salesforce? We said, this is great. If you want to work and live in the South Bay. You have many choices; you can go work at Apple, you can go work at Google. You can work at hundreds of companies but if you live in the East Bay or if you live in San Francisco there's basically no other employer. So it meant that the  catchment area was entirely exclusive to us. Similarly, we found a few universities and schools which were under-represented in Silicon Valley. We found that while everybody was going to Stanford, fewer companies were going to Berkeley. So Berkeley became one of the biggest sources of talent for us and so did CMU and a few other programs. Now, if you go back in time and start thinking- Hey Marc build a company at 1 market street, I should also be at 1 market street. You're a complete idiot. He built the company at  1 market because there was nobody like him competing with him in a 15 mile radius around 1 market. In fact, even after we bought an office which was Tom Seibel’s old headquarters in San Mateo, we barely had any people working there for like nearly a decade because we found that our strategic advantage continued to be in the city of San Francisco. So my goal for Skyflow, my goal for Clearedin is we find our own unique advantage.

We are able to hire exceptional talent that comes from a certain background that has nothing to do with location to be precise. What we're looking for is people who are annoyed by your data falling into the wrong hands. Are extremely technical. They want to do something that's very technically hard. What we're really building is a new data infrastructure layer company. So we need people who understand things like Homomorphic encryption. We need people who know how to write a query parser at the sequel layer. We need people who understand multi-cloud, we need people who can run infrastructure across multiple clouds. So these people can go work at a lot of companies, but maybe those companies, their job is not focused on encryption and data security and privacy. So our competitive advantage is simply if you are one of these people, we are simply the best company in that category. Yes. You can go protect Netflix subscribers. Maybe you can make Facebook's data center slightly more secure, but that's not the mission of that company. So our competitive advantage against companies like Google's of the world is if you care about these hard technologies, there's really not too many other places you can go work. And so that's what we leverage. And if I find those people in Thailand, I'll hire them there and similarly if I find them in Silicon Valley. But the reality is that very few people in the world have worked at building databases and borders and encryption libraries. One of our engineers has 20 plus years of experience just building encryption libraries again and again at some of the leading companies. Now he happens to be in Silicon Valley, so that's where he's been hired. If that talent is available to me in Miami, I will hire that talent in Miami. But I think the more likely answer is that we will over time expand to more and more cities and a few individuals would be distributed. So we give you our location strategy as two hubs strategy which will overtime become more and more distributed.

Ankur: Yeah. As somebody who's built encryption for many, many years in the past, I can tell you that the people who built that stuff, it is so hard that they're indeed like two headed monsters. So you're going to have a lot of hard time finding it. They are few but you will know when you find one.

Anshu: Because it's a hard tech to solve. 

Ankur: Perfect. I've got a couple of questions before we go into rapid fire. This has been super insightful but we're mindful of your time. You've had a lot of diversity in your career- VC and product building and starting your own companies, et cetera. What advice would you have for somebody who wants to have this kind of diverse experience? People always talk about things like well, stay in your lane. If you're a security, you are a security. If you're a product, you're a product person. You've done a lot.

Anshu: I'm pretty sure Steve Jobs who said - “the dots only make sense when you connect them backwards.” So I think a two-part answer to that is, if you get unlucky in your life early enough, you will break the linearity. So a lot of people who have relatively successful careers, especially in technology business, they're very linear lives. They go to good schools, they get a good job and things are just linearly set out for them. And sometimes that's great. If that leads you to happiness, that's good but more often than not that leads to what I would call predictably good outcomes. It really leads you to unpredictably awesome or awful outcomes. So, if you want unpredictably awesome outcomes, you have to sort of break the linear path. Sometimes, it happens through good luck and sometimes that happens through bad luck. And I think that's one part of it. So when you're going through your career, every time you have a break in your linear journey, you should think of it as both a blessing and maybe a blessing in disguise kind of a situation. So that’s one.

Second is -curiosity is how I lived my career and that's been pretty much true since I was a kid. I learned computer science because that's what gave me joy. I could play around and build things and I wasn't very good at doing too many other things. So that's what I got joy out of.

So I have lived my career by following my curiosity and when I'm giving mentorship advice to anybody, I ask them to follow their curiosity. I think, planning your career and overfitting to occur is the kind of question you were earlier asking which is, should you build your office in San Francisco or in Miami? Nobody knows the answer. The reality is that the next great tech company may come out of Nigeria and probably won't come out of Miami. Similarly, my career is going to look very different than someone who is today making a shift from product management to engineering or from databases to security. The key is - to find something that seems interesting and something that's changing the world. For me it was 2003, four, five timeframe. When I got interested in cloud computing and by the time 2006 came around, I was frustrated at my previous company, saying- Hey, cloud computing has almost come and gone and we are nowhere so I quit and joined a company called Salesforce.

And I think being somewhat impatient is good. Don't be too impatient but follow your curiosity. Make early bets, be an optimist. If you don't believe we can fix things like climate change and privacy and make infrastructure simpler, whatever it is that drives your passion. Make the world a better place by doing charitable work, giving better and easier. Whatever your vision for the future is lean into it and don't be afraid. You know, we are all blessed. We're all living in a location and anybody who's listening to this podcast is not struggling for the last dollar.

 

Follow your passion

Neelima: Yeah, great response Anshu. One followup on that one- We've talked to several of our guests and this is a recurring pattern we see. Almost all of them suggest finding your passion, take risks. The follow up of that is that you have to make it actionable, right? You find your passion and you're ready to take that risk but what is that secret sauce where you have to push to do stuff which may or may not be very easy. Any advice on that? How should you go about that?

Anshu: Really a two-part answer to that. One is- What are you really optimizing for? Totally understanding yourself but I think the bigger answer there is who do you spend your time with? This will probably determine the answer to that question.

You know, in the old days, that meant literally being physically around people who are risk-takers versus not. I think the benefit of this remote and collaborative world we live in is that it can mean Ted videos and podcasts and stuff. So for me, I live in the world of Patrick Collison's and Marc Benioff's of the world. They may not be interacting with me on a daily basis but that's the people I am thinking of when I'm thinking of how I want to basically make the next few moves or the kind of problems I want to go after. So that's one part like, what is your aspirational direction? 

And that you can pick, I'm a big fan of standup comedy so I spent a lot of time hanging out with the likes of Chris rock and Ricky Jarvis. What that means is I'm listening to what they're saying and I'm imbibing their sense of humor. Similarly, when I'm listening to my mentors and such I'm imbibing their way of thinking, right? So we're all absorbing knowledge and we're basically all making assumptions about what is funny? What is acceptable? What is admirable? What does success look like? Where you should go live et cetera, et cetera. So that's one part, that's the part that you control. 

There's a second aspect which is frankly a little bit less outside of you. And this is a gift you can give to someone else so if Ankur came to me or Neelima you came to me and said- Hey, I'm thinking of doing something where I'm going to go build a new layer of virtualization or I'm going to build a new kind of application that helps people record podcasts better. I can choose to be critical and say- Hey, nothing's changed in the last 20 years and nothing's going to change in the future, or I can lean in and say- Hey, go for it, what's the worst. As I said giving that gift to other people so that they can see what they can do rather than all the ways they can't do something is something we can all do for each other. And then you want to go find those people in your life. At least have one. If you can't have many, at least have one person when you're looking for quote-unquote permission. We all seek permission in some ways. If you can't give yourself that permission, go up to that one person you think is going to say yes, go for it. Don't go down to the people who are going to say, well, here are the 17 ways this can fail. Because if that was true, Salesforce wouldn't exist and Tesla wouldn't exist and definitely this COVID-19 vaccine would never exist.

Neelima: Absolutely. I think finding gurus in your life is the key message here. 

Anshu: Being your own good is actually really what you want to be. But the second best thing is to actually find someone who's going to help you be your own guru. You don't want to say seek a guru.

Ankur: Perfect segway into the last segment of our show which is the rapid fire round. We'll ask some questions, simple, easy answers. This is going to be a softball for a big league hitter like you. So the first question is- your thoughts in as few as possible words on the Twitter ban of El Presidente.

Anshu: I think he should keep publishing his thoughts and ideas on donaldJtrump.com or golf.com. There's at least a dozen websites he controls. There's at least one channel line on TV that he is always welcome to comment on. There's a few others that will report on it. So I feel like his first speech free speech rights are fairly well-preserved and I look forward to seeing screenshots of his website on Twitter.

Ankur: Perfect. He's got a big presence on Parlor as well. I think a Bitcoin bull just going by your Twitter feeds, but what's your prediction on where Bitcoin ends by the end of 2021.

Anshu: Actually, I don't think Bitcoin is a useful technology. So I've been actually a critic of Bitcoin all along. I think Bitcoin in some ways reminds me of Beanie babies and sneakers and how long will Michael Jordan sneakers be worth twice as much? Well, it may last for a hundred more years. There might be a sneaker of Michael Jordan that will be worth $ 80,000 one day but to me that's mostly useless, irrelevant information so that's how I think about Bitcoin. I do think there's cryptographic technologies like zero knowledge proof that are quite useful and that's what we are using in our company but we ignore Bitcoin.

Ankur: Got it. So you are a bear on Bitcoin as an alternative to Fiat. Got it. So, nobody predicted the kind of the run that we're seeing in the stock market which I'm sure you are a long-term bull on. It's been a crazy run. When do you think the music stops?

Anshu: I think the mistake everybody keeps making is they are trying to predict when the music stops for everybody because that's what happened in 99. I think what's changed in the last 20 years especially in the last 10 years is not everybody is Webvan. This time around people have been much better at discerning between Webvan and Amazon. So there's been a very high level, more investment in companies like Workday and Salesforce and Slack and less in man in the middle fake technologies. I am concerned in the last one/ two years that has started to break down, especially with SPACs and these alternative technologies and stuff. So I definitely think a lot of froth and bubbles. My hope is those companies crash as soon and hard as possible. And hopefully that doesn't impact the companies that are stable and fast growing like Amazon and Salesforce and others.

Ankur: Perfect. Your prediction on when we all get back to normalcy and by that I mean packed stadiums and when I get to go to a warriors game.

Anshu: August.

Ankur: Oh, that is pretty precise, brother. I'm gonna hold you to that. Which book or podcast or blog has had the biggest impact in your life?

Anshu: I would say the writings of a few people like Paul Graham's early blogs, Marc Andreessen's blogs. They really opened up a new world that was not earlier available to people who were outside of Sandhill or outside of the Silicon Valley elite. And for me, that was quite transformational  10 years ago for me.

Ankur: Perfect. And the last question: who should we invite next on the pod? 

Anshu: I would love to actually love to hear Michael Dell. I think people underestimate what Michael Dell has done even in the last five to 10 years because he's not quote-unquote Silicon Valley, we don't hear enough from him. So very few people know his story. He basically pulled off the impossible. Yes, Apple's grown a lot as a company and that's great but almost everybody thought Dell was a dead company and now it owns VMware and it's back and growing and stuff. So to me that's an incredible story of resilience and success from someone who frankly didn't need to do it. He was a billionaire. He could have walked away.

Ankur: Absolutely well said and with that we call it wraps. You've been super generous with your time and we certainly appreciate that for our listeners. If you want to learn more about Anshu, follow him on Twitter, he is pretty active there. You can follow him @anshublogUNCW blog and to see his work, take a look@skyflow.com. They've got job openings. So if you're passionate about privacy, encryption and all things technology be sure to visit their website and look at their job blog. Thanks a lot Anshu.

Neelima: Thank you, Anshu.

Listen to the episode on Apple Podcasts, Spotify, Google Podcasts, or on your favourite podcast platform.