At the recent RSA Conference 2014 in San Francisco I had the opportunity for an in-person interview with Barracuda Networks CEO William “BJ” Jenkins. Barracuda (NYSE: CUDA) has been busy over the last year or two: Jenkins arrived as CEO in November 2012, and Barracuda went public in November 2013, raising more than $75 million with their successful IPO.
In an industry often dominated by security giants like RSA Security, Symantec, McAfee, IBM, Microsoft, and other tech titans, Barracuda Networks has carved out a profitable niche for itself as a security solutions provider primarily focused on customers in the small and medium business (SMB) segment. While other industry analysts and cloud providers are pushing IT departments to embrace the cloud, Barracuda Networks prides itself on offering a menu of security solutions aimed at customer needs that include both on-premise and off-premise solutions.
At RSA Conference 2014 last week I was able to schedule about 20 minutes to chat with Jenkins in a small meeting room just outside the conference press area. What follows is a lightly edited (for space and clarity) transcript of our discussion, based off a digital recording of the interview.
Jeff James: You joined Barracuda Networks last year, correct?
BJ Jenkins: Yeah, November of 2012, so it’s been 16 months, I guess…yeah, 16 months. Before that I was at EMC for almost 15 years.
Jeff: Did you ever imagine that Barracuda Networks would reach the IPO stage? Perhaps that’s more of a question for [Barracuda’s] founders.
BJ: There was a great opportunity at Barracuda for me coming in that I was excited about. You never know. There are so many companies who want to go public and they can’t. There are a lot of obstacles in the way.
For the founders [of Barracuda Networks], it’s been a 10 year journey, so it was a lot of work throughout the organization to get it there, but it was really something that was a big milestone for the company, the employees, for the founders, so it was an important thing for us. I think the reason why we did it was certainly that pride in making the jump from private to public, for the employees, and the founders, and the team. It’s a great motivator for the team.
Secondarily, as you grow in scale, we do all our business through partners, and especially when you think about international expansion, partners that are in Asia and partners that are in Europe want to grow. They want stability. They want investment. They think long term, they don’t think short term, so being a public company gives you more credibility with those constituents.
I think the final thing for us that certainly helps us is that we serve a different market. We serve SMB and the mid-market, and we got a lot of awareness in doing that.
There are a million companies that have between 100 and 5,000 employees. Our job is to make sure they’re aware of us, and hopefully we can engage with them, so that IPO event helps them become more aware of you. I think all three of those things came together nicely for us.
Jeff: Now that you’ve done the IPO, with all those extra resources, what are you using the IPO…the resources you gain from that, what are you going into? Where are you spending that?
BJ: I think, coming into it, and even for me coming into the job, I was the beneficiary of investment that the company had been making in products, and just over the last 15, 16 months that I’ve been place, we’ve had seven real major product announcements. We’ve moved in. Barracuda Firewall came out. We moved into the application delivery controller market. We announced a sync and share product, Barracuda Copy. We acquired a company, SignNow, in April. We announced our cloud partnerships with Amazon and Azure. The product cupboard was very full, and we’ve been bringing those out, and really focused on making those successful.
I think the second part, post IPO, and this was going on during the IPO process, but it’s really been enabled, is channel expansion. We do 100 percent of our business through a channel, and this was a good event to help us invest in and grow our channel, and in November, we signed, on a new distributor in the US, Arrow ECS. We were working with Synnex, and Synnex was doing a great job for us, but we were really under distributed, so we brought Arrow on in November.
Distributors usually take a year for us to ramp up, but we’re off to a really good start with them, but there’s investment there. You go. You have to go meet with all their partners. You get trained with partners…
Jeff: Sure. It’s not an overnight thing.
BJ: The IPO is helping us with that, and then internationally, we’ve been adding distributors in territories and…
Jeff: What is your strongest market outside the US?
BJ: A little over 70 percent of our revenue comes domestically, in the US. Overseas, we’ve done some acquisitions we did was a company called Phion in Austria, and with that we bought it in 2009, came a really mature and robust distribution channel in Germany and Australia, so Germanic territory, so we do very well there. The UK and Middle East have been doing well for us overseas. In Asia, it’s really good, and Japan and Australia have done well for us.
Jeff: As far as what advice you would give your customers when it comes to security in general, one of the things I’m writing after the show is a distillation of all the advice from security experts into an article that we can give to our readers and say, “You may not have 24 hours to go through all of these different sessions at RSA, but here’s the distilled wisdom of the advice that these people can give you.”
What would your advice be to that same SMB IT guy when it comes to security?
BJ: I think for us…we are that customer. We have 1,100 employees. We have 32 people in our IT shop. The majority of those folks are doing help desk activities, that we have really two people whom make all the decisions. They make application, network, security, storage, data protection, authentication, tools, reporting, phones, and…
Jeff: That’s your CTO and the CIO?
BJ: It’s two IT people.
Jeff: Really? You only have two…
BJ: No. We have 32 people in the group, but we have two directors of IT, and they make all the decisions. The think we try to drive with them is completeness, but don’t over engineer for the business. Understand our business and protect it in that form and fashion. I think, for the customers, what we talk about is the ability to leverage a platform and simplify the ability to protect themselves.
At Barracuda, we use a common hardware platform, a common software platform, and common management, so you could protect all parts of your network, you could improve your network performance, and you could improve data protection strategies through a single lens, and through leveraging without over engineered boxes, and leveraging the cloud. For us it’s simplified. Take those disparate point solutions, and drive an integrated security strategy for your company, and for our customers, we’re trying to be that one stop shop for your security and storage needs. That’s why we have 14 different products that we offer, because our customers continue to want to consolidate and work with a simpler integrated architecture.
Jeff: I’m assuming you guys do a lot of dog fooding? [A Microsoft-derived term for a company using its own products.] You’re familiar with that phrase?
BJ: Yeah, we do. We use our own products all over the place. Everything from…I told you I have [an archive of documents] on my phone. I can access it in our cloud, any files I have in our cloud. We use Barracuda Spam and Virus Firewall so I’m not getting spam. We use our next generation firewalls to protect ourselves. We use our web application firewalls to protect our websites wherever we can.
We use our SignNow product to sign contracts, so I sign recs, I sign offers on my phone. Everything’s mobile for us and for our customers. Wherever possible, we’re using Barracuda. I’ve heard “Eat your own dog food” or “Drink your own champagne.” That’s the other way I’ve heard it said, and both of those, we do. We’re more a dog food company I think, but definitely.
Jeff: Obviously a big trend that’s swept through the industry over the last couple of years is cloud computing, and I know there’s still a contingent of administrators who have been called “server huggers” — people that want to keep and manage their own [on-premise hardware] and they don’t want to move IT resources into the cloud.
BJ: We love those [customers.]
Jeff: How do you balance [your on-premise and off-premise] product approaches? When you’re doing all these new initiatives into the cloud? I guess this is a two part question: One is what sort of growth have you seen with those new cloud initiatives, and the second is what do you tell those customers that are maybe really reluctant to go into the cloud or even consider it? How do you approach them?
BJ: To me, that’s a customer choice, and our goal at Barracuda for those customers in the segment we target is to be able to play our solutions in any…
Jeff: …I know a lot of system administrators would love to hear that.
BJ: …form they want to, so what you’ll see from Barracuda is…if your readers are in the airport, they’ll see it, because on every ad, we have deployment options, and in almost every one of our solutions you’ll see a physical appliance, you’ll see a virtual appliance, and you’ll see a cloud connected option, so we don’t have a preference. We’ll go where customers want to go. We just know we have to be in all those locations with our solutions. We don’t want to miss it.
Jeff: That’s an interesting approach…it also gives you a larger menu of products to offer people, and probably lets you reach customers that you couldn’t otherwise.
BJ: I think each segment that we play in has different value propositions around those choices.
If you think on the storage side, and backup in particular, if you have an organization that needs to recover data quickly, then it’s going to be very difficult just to do cloud backup. If you need to recover a one terabyte file over a wire, it’s going to take you way too long, so you need a local appliance to do probably granular recovery and get your data back very quickly.
In that instance, it’s really a hybrid cloud type of model is good architectural form factor for people. When we look at the security market, there are customers who want…we don’t want to leverage clouds. We don’t want to leverage something outside our own firewall and our own infrastructure, and we provide options to do that, and we’ll enable that.
Then there are customers who are a little more comfortable, and will enable those solutions, and the thought there is we’ll give you the ability leverage burstable compute and more elastic demand. That’s great, but again, for us, it’s customer choices, however they want to deploy the solution.
Jeff: We’ve got a reader survey running right now, and some of the comments from readers are directed at the cloud. “The cloud is evil” and “I’m never going to put anything in the cloud.” On the same token, other people who have embraced it, so it’s kind of all over the map. What about for you guys internally? What is the cloud adoption strategy [for Barracuda Networks internal IT] like?
BJ: We use our own service, so if you think about copy, which is a sync share and file access service. We ran our S1 process [IPO procedure] with SignNow, so the lawyers, the attorneys, the Barracuda folks, the Barracuda board, signed all their documents for the S1 process with our iPhones, iPads, and it was stored in the Barracuda cloud. We backed up to our cloud. Where it makes sense for us, the same way with our customer, we use SalesForce as a selling tool for us, so we are using some cloud applications.
On the marketing side, we’ve built some of our own applications, because marketing and demand generation are important to us. We keep that in…that’s inside. It’s been a mix, but where it makes sense for us to leverage that, we have, and certainly with our own products. We’ve been utilizing our own cloud to deliver those services.
Jeff: That’s it — I think that’s all we have time for. Thanks for your time!
BJ: Thank you very much. I really appreciate it.
We’d like to thank the Barracuda Networks and the RSA Conference PR teams for helping arrange this interview.