About Me

My photo
Mumbai, India
I run an IT Security consulting firm based out of India. We started off from scratch in 2001 when I was 21, and have offices in Mumbai, Bahrain, and UAE. The idea behind the blog is to share the stories of how we run the business, the deals we make, the deals that break, the heartburn, and the sheer joy.

The Ultimate Startup Guide

The Ultimate Startup Guide is an e-book that provides answers to all your questions related to starting and growing a business in India. Everything you wanted to know about entrepreneurship in India from ideation to registration to marketing to hiring. The book contains a large number of practical examples, anecdotes, interviews, and motivational material to help you get started, and to grow rapidly in a booming Indian economy. If you've got the idea, this book will help you through with the execution and realize your dreams. Here are some of the key questions you will find answered in this book:
  • When starting a business, what are the legal issues involved?
  • What form of incorporation is better suited to which type of business?
  • What tax issues are involved?
  • How do I start a business and what are the pitfalls?
  • How do I market my business in the absence of significant funding?
  • How do I get funded?
  • What are the basic accounting concepts I should be aware of?
  • What is a business plan and how should I build one?
The brief table of contents of the book is as follows:
  1. Getting started
  2. Ideation
  3. Forms of Enterprises
  4. Funding
  5. Basic Accounting and Taxation
  6. Import and Export Licensing
  7. Trademark and Patenting
  8. Rules for NRIs and Foreigners
  9. Building a Business Plan
  10. Marketing on a Shoestring
  11. Website and Branding
  12. Women Entrepreneurs
  13. Templates
To order the Ultimate Startup Guide - email me at kkmookhey@gmail.com.

Details of the book are:
Title: The Ultimate Startup Guide
Author: Kanwal Mookhey
Pages: 150
Additional: Companion CD contains numerous templates for building your business plan, calculating cashflow, preparing profit and loss, and balance sheets, preparing invoices, your resume and profile, marketing material, websites, contracts, and many other useful and motivational material.

Thursday, July 14, 2011

Mumbai's resilience - what a load of crap!

I think it’s high time someone called off this bullshit concept of Mumbai’s resilience and Mumbai’s spirit. Let’s be honest – we are not resilient, and we wouldn’t recognize our spirit if it came in any form other than a nice shiny bottle of Glenfiddich!

What we are is cynical, apathetic, and very selfish.

Why are we all back to work after the blasts? Because we’re not affected by what happened. Seriously, we’re not! Those folks you see on the news talk-shows, they’re just there for the TRPs. If they dislike the Government’s governance, the security forces’ security apparatus, and our overall intelligence failure – well here’s an easy enough solution for all of it – move to Goa. Yes, Goa has never had bomb blasts and getting stoned there is far easier than Mumbai, and the booze is cheaper! So why don’t we all just up and leave?

Because here’s where we make our money and live our lives, and because we don’t give a damn about pretty much anything else (except IPL and the movies). How does a city get to the stage where it doesn’t give a damn? How do we get so comfortably numb?

Of course, it’s thousands of years of culture seeping the ‘hota hai, chalta hai’ attitude right into our DNA. It is easier to accept horrors like these with the sort of apathy that lies deep within the cells of our bone marrow. And it’s not getting out of there any time soon either.

It’s also because it’s happened a few too many times. When the Mumbai riots happened in 1992, we were all scared shitless! Even my grandparents were horror-struck – and they’d been through 1947 and escaped by the skin of their teeth! Then the serial blasts happened in1993 and it left us all stunned speechless. Then it happened again in 2003 (I’m sure no one even remembers these ones), then the train bombings of 2006, and of course 26/11. After every event, there are the discussions, the politicians expressing condolences (like who gives a fuck!), the talk-show hosts, the industrialists talking about increasing our intelligence apparatus, and the police who promise to look at all angles and give us some concrete news very soon. It’s like a script that Franz Kafka and Stephen King co-wrote during one drunken night! Scarily tragic, yet amazingly surreal in its intensity and regularity.

Even the front-page gore on the Times of India doesn’t really make us flinch anymore. We just take a few more sips of the morning tea and find it mildly amusing that alongside the mauled remains and the blood-splattered streets, we also get to know what our expert numerologist Sanjay Jumani thinks about the date of the event (if this isn’t Kafkaesque, then what is!?)

So we shrug our shoulders, look at the body-count and say, oh more people than this die of malaria, slum landslides, and construction site accidents every monsoon in this city. And by the way, none of those get paid Rs. 5 lakhs per person (sorry, per body).

Now that we’ve shed our sheen of pseudo-resilience, let’s take an equally brutally honest view of what the future holds. 

Here’s how I see it unfolding. We’ll get hit again, for sure. Maybe this year itself, or if we’re lucky not more than once every financial year – around about the same time as filing our tax returns. Bitter irony that – given that we are the financial capital of the country! Or hey maybe if we consult Mr. Jumani, we might even know all the unlucky dates of the year, and then simply stay in the safety of our bunkers.

The same socialites, news anchors, politicians, home ministers, and police officials will come, make their respective angst, opinions, gas, condolences, and more stinking gas known to everyone. Then life will go on.

Oh, but then we have all of these people who say – this is terrible, the system sucks, we want to make a difference! Seriously? The average Mumbaikar has had more than 10 fucking years to make a difference! What have you been waiting for? Armageddon? You and I never did make a difference, and we never will. You think going out and casting a vote is going to make a difference? The hell it will – changes in political parties won’t change the essentially rotten nature of how our shining superpower of a nation functions. Neither will holding candle light vigils. Nor will tut-tutting over single malts.

So we basically have two choices. The same two choices that confront anyone who has not yet become complete inured – fight the system either from the outside or from the inside. The first is anarchy, and I think that deserves a whole different write-up. The second is easier. 

No, no. I am not saying form a political party – you’ll get your ass whipped at the first elections. Simply get 3 friends who want to make shit loads of money in double quick time. Get one of them into the police, one in the main political party, and the third into the opposing political party (it’s called hedging your bets, silly). You then start a security company that supplies the most high-end security apparatus – CCTVs with facial recognition, sniffer dogs that can sniff the RDX from deep inside the bugger’s ass, high-speed patrolling boats with night-vision cameras to patrol our coasts, Tasers, and stuff like that. Take it to the next level – add in some private intelligence folks (since all the police khabris have apparently disappeared), some high-end monitoring software, and real-time communication interception systems.

Then you work out a deal with your two political friends and your senior police officer to begin the necessary lobbying/bribing of the government apparatus to dole out crores of rupees worth of contracts to your firm. Hey, I’ll even help you out with the other 2 competing bids you need to complete the 3-bid system. That’s how all government tenders go out – to the most technically qualified, lowest price bidder, no?

So everyone wins – the system gets the money it needs to function effectively and dole out the contracts, your company wins all the large contracts, and we Mumbaikars actually get some semblance of security! And also, since you said you wanted to make a difference, I’m sure you won’t be supplying sub-standard crap like this.

Otherwise, suck it up, shut up and live with it. Oh, I almost forgot. There is of course a third choice – move to Goa!

Sunday, November 21, 2010

How I got my bank to straighten up

The story starts in 2004 when I took a 5 year loan against commercial property from KM Bank at 11.25% Rate of Interest (ROI). A year later when I topped up this loan, the first loan had risen to an ROI of 11.75% and the additional amount was given at 12%. I didn't understand how the same bank could give two loans to the same person against the same collateral at 2 different rates of interest?

The rate steadily kept on increasing, till it got to an usurious 15.25% a couple of months ago! When I got the letter from my customer-unfriendly bank, I naturally went into a bit of a depression. Imagine my anger, when a customer service representative called me to ask if I would like to top up the loan again, since the outstanding principal had reduced to a 3rd of the original amount and the property value had gone up!? I shot her an angry email response telling her to basically get lost! Then later, a senior rep came to me and told me to write to UK (the CMD of the Bank for chrisssakes!) and ask for the ROI to be re-negotiated if I agreed to top-up the loan.

None of this obviously worked, until I hired a loan agent to talk to other banks. Within 10 days I got 3 offers, the lowest of which was 11.0% from Barclays! When I informed KM Bank about this, I got an SOS call back from them with a confirmed offer letter reducing my ROI from 15.25% to 11.25% with immediate effect! Since the pre-payment penalty was another 2%, I told the other bank that I would stick with KM. They then re-negotiated down to 10%! I immediately triggered the request for balance transfer from KM to the Barclays and happily paid the 2% pre-payment penalty.

End result: ROI reduced from 15.25% down to 10% in 2 weeks of effort.

Moral of the story: if your bank is sucking your hard-earned money, show them it is a competitive market and you can go to the bank down the street and get a much better deal!

Tuesday, May 18, 2010

The Cauldron of Time

Yesterday, during a random dinner table conversation, the question that was put to me was what do you think your purpose in life is? Ah, the fundamental question we all grapple and often ignore. Without getting too meta-physical about it, I think there is a very simple practical answer to the question. And it is simply – doing what one does to the best of one’s abilities.

I see so many people go through the best years of their lives simply watching the clock. They go to office in the morning, put in the requisite 8 hours and come back in the evening. Same routine repeats day in and day out. But what each one of us needs to realize is that we’ve only got a limited amount of time. When you’re 25, you think the entire world is ahead of you and life is limitless. But as Yudhishthira says in the Mahabharata, “the cauldron of time cooks everyone”.  And that is a universal truth.

So given that you’ve got only a limited amount of time, let’s take that argument further. Let’s say you’ve only got a year to go, before your time is up. Would you now bring the same attitude to work and life that you have right now? Or would you change it drastically? If the answer is that you would change it drastically, then my friend the answer to life’s fundamental question is right in front of your eyes and you’re choosing to ignore it.

When we work for organizations who we think pay us less, or a boss who doesn’t understand us, or an environment which is suffocating, we all have a few choices. And the choice is to simply leave that situation and choose another one. Or to try and change the situation. But, there is a third choice: while we’re in that specific situation, life demands from us that we give it our very best. And that is what life is really all about. If you don’t like your job, change it – but while you’re working, give it everything you’ve got. Or else you’re shortchanging the most important person in the world - you!

If you think your company is short-changing you – think again. Or rather trust greater thinkers to guide you. As Krishna says to Arjuna in the Gita – do your duty because that is what you’ve come on Earth for. Do not think of the fruits of your actions. To give it a more practical twist – I say, do not work simply for the fruits of your labor. Do it for your love of the work itself – do it because it is your bounden duty to do so.

Or else, you’re actually waking up every day and cheating yourself. Every hour and every minute of work that you’re whiling away your time, taking long breaks, chatting, social networking, or not giving your profession your best effort and dedicated focus is a minute that is completely lost, and the biggest loser in this case is you – not your organization, not your team – but you! Because the company will keep going on or shut down – but the best years of your life won’t come back ever.

So go change your job if you’re not happy. But stop cribbing and complaining and cheating yourself out of the only life you’ll ever have.

Monday, December 21, 2009

A new enterprise - part II

The bank account.

With all the KYC norms that exist, opening up a bank account wasn't the easiest thing in the world with the newly formed entity. Among other documents submitted, the key documents were:
1. Copy of the partnership deed
2. Letter from my existing company NII saying that I allow IIS (Institute of Information Security) to function from this office
3. An Airtel bill on my personal name as address proof
4. Copy of the receipt of BMC for registration under Shops & Establishment Act. The actual certificate is another story and will take a week or so (check my next blog post on BMC and Bribery)
5. A couple of other letters that the Bank gave me the format of
6. PAN card copies of both directors
7. Form saying PAN card has been applied for - and the PAN card has also been applied
8. Photos, filled up forms, etc.

The main challenge was with the address proof - since there is no bill or government receipt with the IIS name and my office address. And I couldn't wait for the Shops and Establishment Act certificate to come through.

Anyways, it took a week or so, but it's been done now. And this is a bank I've been banking with for over a decade now. But this laborious process of opening up an account is largely due to the RBI's stress on reducing NPAs, controlling benami accounts, and other anti-money laundering provisions. So well, it's all for a good cause!

Friday, October 30, 2009

A new enterprise - part 1

Taking into consideration the fact that scaling a consulting business is a long-term affair, I've decided to take at least the training component out and make that into a separate enterprise. Since it has been quite some time since I incorporated a business, I thought I'd jot down the brief journey of getting an enterprise up and running here to help budding entrepreneurs see the first few steps at least of getting a business off the ground

The first thing I did was to think up of an impressive enough name for the training business - we came up with Institute of Information Security. I then got my in-house team to get the website done www.iisecurity.in

I tasked one of my team members to experiment with some of the e-learning software, and we narrowed down on eFront. So the eLearning channel is also up and running at http://elearning.iisecurity.in

We've also started doing the SEO for the website, and it already ranks high up when searching for specific terms related to the security training business. I also logged in the business with JustDial (www.justdial.com) and with Google local business search.

Finally, the legal part. In order to incorporate the enterprise, we are doing it as a partnership. So I contacted my CA, gave him the broad terms of the partnership, and he's built all the rest of the legalese around it. The deed will be printed out on Rs. 500 stamp paper and will become a registered deed.

Oh, and of course, the process for trademark registration has already been started through my earlier trademark agent (atozservices.info).

Thursday, January 01, 2009

Principles of Problem-Solving

Over the years I have developed some simple principles that aid me in solving problems. Often times I myself forget some of these, so it is worthwhile putting them down in an email, and I hope all of you will also benefit from these in the years to come.
Principle #1
There is a solution to every problem
Rarely have we faced a problem where a solution cannot be found. So every problem, customer complaint, technical malfunction, configuration issue, whatever it might be - does have a solution. The trick in achieving the solution first lies in believing that one does exist. Once you begin from that premise, there is a higher likelihood that the problem will indeed be solved. In fact, you'll look at the problem as a challenge, and not as a headache.
Principle #2
There will always be problems
Problems are not to be shied away from or to be thought of as PROBLEMS! In the sense, a positive attitude to any problem is more likely to help you get it resolved, than thinking of it as an encumbrance from the more enjoyable things you could be doing with your time. Also, bear in mind that behind every problem is an excellent lesson to be learnt and an opportunity for you to grow as an individual and as a professional.
Principle #3
Get as much data as you can
Corollary: Depend on as few assumptions as possible
The more data that you can get, the more likely it is that you will be able to resolve the problems quicker and better. Getting to the root of the problem requires you to ask as many questions as you can, even though the answers may not be what you would like to hear - especially with non-technical problems. Your most helpful aids here are the questions - Why, What, Where, How, When and Who.
Principle #4
Break down the problem into components
If the problem is too large or too complicated, try to separate the issues, and try to resolve them one at at time. Also, try to focus on the simplest issues to solve, and then move on to the more complicated parts of the problem. Here I am referring to both technical and non-technical problems.
Principle #5
Some problems are also hurdles
Just as in a hurdle race the runner does not try to disassemble each hurdle, but simply jumps up over them. In the same way, not every problem needs to be solved. Some problems can be side-stepped by thinking out of the box. Again if you make fewer assumptions, you'll be able to arrive at unorthodox solutions, one of which is to simply walk around the problem and continue in your path to achieve your goals. At the same time the approach of sidestepping a problem doesn't serve well in most circumstances - then you're simply stalling facing up to the issue. And unresolved problems simply simmer and blow up in your face at some time.
Principle #6
Learn how to Google well
Yes we all know this, and yet we all don't do it well. Let me give you one example. Recently, we had some issues where a user's existing password, which was working earlier suddenly stopped working. The usual attempt would be to reset the password, or recreate the POP account, or recheck the settings. But searching on Google reveals this very simple solution to a problem different from what was originally imagined.
Principle #7
Sometimes the problem isn't the problem
If you keep an open mind and try to question people and get to the root of the problem - the real cause of it - you will sometimes realize that what was originally stated as the problem statement, isn't the real problem at all. And in fact, the real problem is something else altogether. What you are being told is the problem could quite possibly be the symptoms of the problem or only the apparent problem. The trick to getting to the actual root of the problem is to simply keep asking "Why". Why is this a problem, then take the response, and ask why that is a problem and so forth till you reach the real cause of it.
Principle #8
Be open to inputs and flexible to change
If you're stuck with a problem and can't come up with a solution it is most likely because you're on the wrong track. If you let your mind open up to ideas from other people and suggestions that may seem whacky or illogical or off-center it just might end up leading to a solution. Which is why brainstorming is an excellent way to solve a problem - just let all suggestions be presented and come to the table, without discussing any of them at length. Once all the ideas are on the table, then start discussing the merits-demerits of each.
If you have any of your favorite tricks, add to this list...

Infosec Scenario in 2009

1. Business continuity to get focus over disaster recovery
BCM is a process issue related to building the framework to increase business resiliency and restoration capability, while DR is about building redundancy through infrastructure investments. It is quite likely that new DR site investments might happen fewer than they did in 2008. But I would not advise cutting down on building your BCM capability - even if you are an SME. Each one of your people does need to know what needs to be done when things begin to fail. This does not require huge amounts of investment, but does require common sense, risk assessment, and regular training and awareness.
Counter: Focus on an effective Business Continuity Plan that takes into account at least the following - fire, ISP failure, transportation link failure, and yes a terrorist attack as well.

2. Capital expenditure on security technologies likely to be hit
This is one area that has seen the biggest hit and is likely to continue feeling the impact with new investments simply not happening. So fewer firewall upgrades, fewer adoptions of recently introduced solutions such as Data Leakage Prevention (DLP), Network Access Control (NAC), and others.
Counter: Really look for ROI on your capital expenditure on security technologies.

3. Focus on regulatory compliance to increase

Make sure you know very clearly what your responsibilities are towards data protection - not only for the specific industry you are in - but also for the countries that you do business in. I’ll soon be releasing a write-up on the Indian IT Act, and the new amendments recently pushed through in the Parliament, and what these mean for every individual and every business. Essentially, even if you are not ISO 27001 compliant or PCI DSS regulated, you are still very much legally liable to ensure due diligence to protect your customer’s data.
Counter: While cutting budgets on infosec is fine, don’t end up putting the existence of your business at risk due to negligence towards data protection.

4. Scareware, Social Networking Attacks, Phishing, and others

While Phishing attacks rose quite a bit in 2008, it is quite likely they will become more prevalent, more insidious and a huge pain in the wrong places in 2009. Combined with Scareware tactics (http://www.theregister.co.uk/2008/08/22/anatomy_of_a_hack/), exploitation of social networking sites (http://www.internetnews.com/security/article.php/3789496 and http://news.cnet.com/8301-1009_3-10078353-83.html), and even Google (http://go.theregister.com/feed/www.theregister.co.uk/2008/12/30/google_calendar_phish/ and http://blogs.zdnet.com/Google/?p=1053) is going to ensure attacks are highly smart, effective, and definitely lucrative for the attackers.
Counter: Focus on awareness, not just within your organizations but also within your families and communities.

5. Computer fraud may rise - a lot

Today attackers are not concerned with releasing the latest virus onto unsuspecting Internet users. Do we even remember how long ago it was when CodeRed or Slammer hit us bad? Attackers today - both external and internal - have one simple agenda - making as much money as they can within as short a time as possible. We’re already seeing SAP, Oracle Apps, and business applications becoming the most lucrative target of fraudsters. All they need is the knowledge (if you’re working with 2-3 years on the same system you know its flaws well enough), motive (layoffs, salary cuts, no bonuses), and opportunity.
Counter: Invest in forensic accounting, and keep a panel of experts on standby to be called in when fraud happens. Get advice on a list of red flags to watch out for.

6. Cyberwarfare could become a reality

At least as far as the South East Asian region is concerned, we’ve already seen an increase in the number of cyber attacks on Indian banks and government websites. This trend will get more serious and more malicious with some really sensitive data being targetted in the months to come. The next frontier for terrorism will be digital, and we’re all going to be facing the brunt of professional hacking, espionage, and digital sabotage. We’re already seeing this with the current Israeli war on Gaza (http://blog.wired.com/defense/2008/12/israels-info-wa.html), and the recent attacks by Pakistani hackers on the Eastern Railways site (http://in.news.yahoo.com/241/20081225/1262/twl-pak-hacker-attacks-e-rlys-site-threa.html), and a couple of PSU banks. See this link for in-depth Indo-Pak cyberwar coverage http://intelfusion.net/wordpress/?p=468
Counter: If your organization is governmental, semi-governmental, public sector, or provides a service or utility of national importance, you are pretty much going to be targeted. Focus on securing your external perimeter and get it tested.

Wednesday, October 29, 2008

Back to globe-trotting

For a while, I'd been more or less spending time in Mumbai, then suddenly about 3 months back work led me to begin my globe-trotting again and give way to my wanderlust. It started with a quick stopover in Dubai for a proposal presentation, and then on to Brussels to join one of our consultants who was working there on a project. This Brussels project is quite noteworthy in terms of the ingenuity of our marketing guy who won it. Seeing a dearth of leads in his kitty, he started to search on Google for tenders and RFPs in our area of information security. He then found this one for an organization in Brussels. When he first told me about it, I said, give it a shot, but mostly we might not win it, because we'll have the disadvantage of increased costs due to travel and stay, which a local company or one in Benelux (Belgium, Netherlands, Luxembourg) or even Europe would be able to avoid by deploying local consultants. But he gave it his best shot, we got shortlisted, and based on a couple of telephonic discussions, they awarded us the project.

Brussels was quite an interesting experience. The project went off very smoothly largely due to the work of our consultant there, and then the weekend before leaving from there we decided to spend exploring that area. My better half joined us, and on her insistence we ended up at one of the casinos. And inspite of my resistance to the slot machines, we actually ended up winning 1000 euros! And then we won a couple hundred more on the roulette and blackjack tables. When we left, we were richer by 1200 euros, which we decided to blow up by hiring a car, going down to Amsterdam - a perennial party place - and spend Saturday night there. It was one helluva experience, and when they describe Amsterdam as one long college frat party - its a very accurate description! I haven't ever seen so many people - not even during peak hour on the Mumbai local trains. And definitely never the sight of thousands of people eating, drinking, making merry, and generally having a collective blast!

After Brussels it was back to Dubai, to sort out my residence visa, since now we have opened up our third office there. Got that done, then I was back to Mumbai for a week or so. My next trip started by having to rush to Mauritius to rescue a project because one of our senior consultants who also was heading our Bahrain office decided to part ways. So I had to take on the project mid-way. But again the place is so beautiful and quite the tourist destination. However, the work pressure was quite a bit, and we managed to spend just the one weekend looking around the place. From mauritius, it was back to Dubai to open up a bank account for the company, then on to Bahrain to sort out the legalities and paperwork and other stuff. Then another week in Abu Dhabi to do a training and complete a project we were doing for a financial institution there.

Then I was back to Mumbai for a couple of days before flying off to Taiwan for the OWASP Asia conference. The conference was wonderfully well-organized by Wayne Huang and his team, with over 1000 people attending. My presentation was on Business Web Application Testing - getting the larger business perspective to the technical approach of pen-testing. I had to rush immediately after my talk to the airport in order to catch my flight and be back to Mumbai in time for Diwali.

So yesterday we had Diwali Puja at our new office in Andheri. While we will retain our current office and convert it into a training center, we'll largely shift all operational and consulting activities to this new office, where we even have a cool new SOC - Security Operations Center, with capacity for 36 people working in 3 shifts.

Things are only going to keep getting more and more hectic. We are aiming to have our 4th international office up and running within the next 3-4 months, either in the Far East, or if that doesn't work out, maybe at a second location within India. Our team is also growing and brand recognition is getting better and better. So if the posts are more infrequenty you'll know why. I intend to write my next posts on our experience in setting up our 3rd office in the UAE.

Tuesday, June 03, 2008

Customer delight - makes it all worthwhile

When you're in business you have to be geared up for the fact that there will be customers who will have issues with various services and products that you offer. Customer support and responding to customer complaints is part and parcel of any company. While quality controls ensure that your deliverables are up to the mark, sometimes clients can still have reservations about what you have given them.

Especially in the consulting line of business, where we're delivering skills, opinions, and knowledge, it often becomes subjective whether we are meeting with client expectations or not. Managing customer expectations is one of the biggest challenges of being in this line of work. In a number of cases, the end result of the engagement is a report or a set of documents and presentations. And very often during the course of the engagement the client often voices their differences of opinion and displeasure at some of the deliverables.

With one of our clients, I almost got into an argument over some points related to the consulting services we were providing. I do strongly recommend to my team to avoid arguments at all costs, unless it is an absolutely critical issue. Disagreements should be voiced, but spats should be avoided. Coming back to this particular case, eventually the client was pleased enough to give us the following testimonial, and it is events like these that make consulting completely worthwhile...

“KK and his team did a brilliant job in guiding us towards the 27001 certification. Their approach was very methodical and systematic right from the stage of gathering requirements in the initial stages to the documentation work and then trainings and audit readiness stages. In fact what I liked the most about their approach was that he focussed on transferring his knowledge to us which has enabled us to sustain the improvements even without his involvement. They never restricted themselves to the scope of the contract. They were willing to that extra mile to make sure that it added business value to us."

Friday, May 09, 2008

Narayana Murthy on Entrepreneurship

I was privileged to attend an interview of Narayana Murthy, the co-founder of Infosys Technologies. The interview session was part of a "Leaders and Learners" session organized by TIE at Welingkar's Institute in Mumbai. Murthy was interviewed by Anuradha Sengupta of CNBC TV18, and a select panel of entrepreneurs. Then the forum was thrown open to questions asked by the audience. Here were some of the key takeaways from this brilliant and humor-filled session:

Q. What does it take to start your own venture?
NM: You need 4 things before you can think of starting your own venture:
1. Idea. The key idea or concept of the service or product you want to sell in the market
2. Market value of the idea. You must have a basic level of confidence in the fact that the market values your product and is willing to pay for it.
3. Team. You must have a team of complementary skillsets - so identify your own strengths, and find people who have different, but complementary strengths.
4. High aspirations. You must be someone who sets his/her sights high, and is willing to work very hard to achieve those aspirations.

Q. What must a startup do for branding?
NM: Do unusual things. Infosys has always attracted the press and positive publicity by doing unusual things, which interest people.

Q. Who were your idols or people you looked up to?
NM: When we started our business, there were already well-established business leaders who had founded and expanded their companies while sticking to sound ethical principles - JRD Tata, even Mr. Birla, TVS, Mr. Kirloskar. Of course, by that time Bill Gates had also become well-known. Intel was one of the foremost examples of success for most security companies to follow.

Q. What is a non-negotiable component when starting your own business?
NM: A sound value system. You have to lead by example, you must walk the talk, eat your own dogfood. Only when will your team trust you implicitly, and only then will they deliver and help achieve the common goals.

Q. What are the characteristics of a successful entrepreneur?

  • Ability to work with other people and work in a team
  • Passion and will to persevere
  • High degree of optimism
  • High aspirations for oneself and for the company
  • Ability to put long-term interest ahead of short-term benefit

Q. How do you judge the value of your idea?
NM: You should be able to express your idea and its value to the market in a simple sentence. Not a compound sentence, nor a complex sentence.

Q. How do you attract and retain talent?
The leadership must articulate a grand vision - an exciting future. This will create a challenging work culture and attract future leaders to the company. The vision must be a story that is compelling, believable, and intrigues and excites the minds of the team members.

Q. What do you think about work-life balance?
I remember K V Kamath's answer to this question: first let's make a life, then think about work-life balance. I don't understand the concept of a work-life balance.

Q. How do you define success, and at what stage did you consider yourself successful, and why?
NM: I have thought a lot on this subject, and my definition of a successful person is one who when he/she walks into a room, people's eyes light up. If he/she brings a smile to people's faces, then irrespective of whether that person is educated, not educated, self-employed, employed, I would still consider that person to be successful. And going by that definition, I am still not sure whether I would consider myself as being successful.

Interestingly, Murthy's favorite books are Richard Feynmann's "Lectures on Physics", and "History of Mathematics" vols 1,2,3.

Wednesday, May 07, 2008

How to get started on your own business

Just a quick short post to answer a number of similar sounding emails I get on how to really get started on one's own business. Here's the lowdown on the logical flow of any enterprise from birth to growth.

  • Ideation. The idea is the key. First come up with what you want to sell. Whether it is a product or a service or a combination of both. The main thing is to come up with an idea or a set of ideas.
  • Marketability. The next step is to test the market for the viability of your idea. Before you quit your job or your college or even your current venture to start a business, you must have a reasonable amount of confidence that the idea works. You might even be looking at funding, so before you approach friends/family/VCs you should be convinced yourself that your idea has a market.
  • Team. This is a tough ask. But if it is possible you should put together a team that complements your skills. So for instance if you are technically very good, find out someone who is good at marketing, and if possible, also someone who is good at finances. When I started out, I filled in the technical strength, and my father was around for the financial part. We still remained weak on the marketing front, and it took us quite a few years to fix that.
  • Business plan. The next step is to articulate your idea. To put together a formal business plan which outlines your main idea, lists out potential target markets, the resources required to bring the idea to fruition, the competition you face, a SWOT analysis, projected cash-flow for the next 2-3 years, and most importantly your team profile.
  • Funding. You may or may not need funding. So this stage would be one where you go out and seek the minimum amount of money that you need to start off your business.
  • Registration & Incorporation. There are legal formalities to be completed before you start on your own business. For a sole proprietorship, there is not much to do, but for private limited there is quite a bit of paperwork you will need to get done.
  • Stationery & Website. You will have to get your basic marketing material in place - a website, visiting cards, logo, letterheads, etc.
  • Execution. This is the rest of your life - beat the pavement trying to get clients, call up all your contacts, try to advertise and market your services/products in the best manner possible, land a few deals, execute on them, invoice them, get the money in the bank, go treat yourself to a nice dinner somewhere!