Up-and-coming Australian tech companies: Part 2

Page II: In this continuing series, we look at Australian technology companies and their struggles to turn good ideas into commercial successes.Click here for Up-and-coming Australian tech companies: Part 1NETaccountsNETaccounts' genesis occurred when executive chairman Marc Lehmann realised there was a gap in the market for accounting tools for small businesses and investors.

Page II: In this continuing series, we look at Australian technology companies and their struggles to turn good ideas into commercial successes.
Click here for Up-and-coming Australian tech companies: Part 1

NETaccounts
NETaccounts' genesis occurred when executive chairman Marc Lehmann realised there was a gap in the market for accounting tools for small businesses and investors.

"Small businesses weren't able to do their accounting very well," says CTO Grant Young. The existing software was aimed at accountants, not business owners, so "we've tried to rethink the way we do things". Although NETaccounts' software still uses double-entry bookkeeping at its core, that is hidden from users. "We're working in real-world scenarios," and combined with restructured reporting that gives all the information a small business operator needs but in a simpler form, NETaccounts is more appropriate for this audience.

The company realised that potential users were already comfortable with the Web due to the wide adoption of Internet banking in this sector, so online delivery was a core principle of the project. This also frees NETaccounts from the problems of distributing physical copies of the software and subsequent updates, and users are relieved of the task of installing and managing the software, and of backing up their data.

Another aim was that people should be able to use the system with minimal or no training. The combination of standard Web navigation plus user interface elements based on popular software such as Microsoft Word helped achieve that goal.

-Large slabs of what we do would be suitable for multiple markets."

Marc Lehmann, NETaccounts
Development began with ASP as the programming model. The core libraries were built, and the project was about 70 percent complete when .NET arrived. "We waited for version 1.1 before we used it," says Young, but almost all the subsequent work has been done in .NET. This meant redeveloping the core libraries, which is an ongoing process. "You're always going to have a certain amount of legacy items holding you back," he explains.

The software is all developed in-house, primarily by company employees but with the occasional use of temporary specialists. "We haven't had a problem" finding technical staff with the right skills. The company employs mainly recent graduates with a few experienced staff in key positions. The tech crash meant skilled staff were in good supply when the company needed them, and local graduates have good skills.

NETaccounts works to a rapid deployment schedule with upgrades every three months or so, although major upgrades may take six months. "Our development model is very customer-centric," says Young, and it responds to customer feedback and requests for new features. The company is able to quickly enhance a transaction with a new feature that brings a big advantage to the customers that wanted it, but with minor impact on the others.

"That flexibility is one of our comparative strengths and we try to leverage that wherever we can," he says.

To date, NETaccounts' efforts have been focussed on the local market, but overseas expansion is possible. "The basics of running a business are consistent across the world," says Young. "Large slabs of what we do would be suitable for multiple markets," and the component architecture means it would be relatively simple to adapt for other countries. The system as it stands is most suited to countries with similar GST-style regimes such as the UK and New Zealand, so they are the most likely export destinations.

The company was originally funded by its founders, a situation where "the vision and the money go hand in hand," as Young puts it. Some key employees received equity as a way of getting the required talent more cheaply. More recently, NETaccounts' primary funding has come from a single private investor.

The company hasn't sought government support. That avenue was investigated in the early stages, but was too export oriented, and NETaccounts needed money at the R&D stage, not during commercialisation. "We're not particularly suited to the grants that are available," says Young. In any case, "we prefer to get on with getting the job done" rather than "fulfilling the requirements of a grant we may not get."

Product promotion is "probably the biggest struggle for us," says Young. The business is very seasonal, as businesses look for an answer to their accounting problems in time for the year-end processing, or they take the end of the tax year as an opportunity to change or upgrade their systems.

Most customers have been acquired from a related bookkeeping service or via online advertising. Direct mail and the free trial promoted on the company's Web site have also brought in clients, and NETaccounts plans to extend its promotional activities to opt-in e-mail, placed search and advertising in online newsletters.

"We have to convince the customer and reassure their accountant," says Young. "There's a fair amount of inertia in the accounting industry" because of all the other changes (eg, in tax law) they face.

Limited reseller and "white label" programs are in place, but NETaccounts needs to balance its resources between the immediate benefits of direct sales and those from long-term partnerships.

Tenix Datagate
As part of the larger Tenix group (Australia's largest indigenous defence company), Tenix Datagate is the odd man out among the companies described here as it doesn't rely on outside investors or executives' own funds. Group senior management are very committed to developing intellectual capital and providing the resources needed for that, says Tenix Datagate general manager Geoff Rhodes. Where smaller organisations may develop an idea with a view to selling the business to a larger player, Tenix is looking to expand by buying Australian and overseas companies with strong intellectual property.

The Defence Science and Technology Organisation (DSTO) created a technology known as Starlight to allows the one-way movement of data from a less secure network to a more secure one. DSTO entered into a commercialisation contract with a company called Vision Able, which Tenix purchased and renamed Tenix Datagate.

The basic product is the Data Diode, a hardware device that provides the one-way bridge between networks of different classifications. Normal network operation assumes two-way communication -- packets of data are acknowledged either explicitly or implicitly (eg, the acknowledgement of one packet might also imply that all previous packets have been received) -- but the whole point of the Data Diode is to enforce one-way communication. Software to support unidirectional e-mail, file transfer, streaming data, and information transfer via the clipboard is therefore offered.

Two desktop devices have also been developed. One is a secure KVM (keyboard, video, mouse) switch for people who use two PCs with different security classifications -- this is the product that the Department of Defence wanted, along with the Data Diode and supporting software. The other combines the switch with a Citrix-based thin client taking the place of the "low side" PC. While this was not a Defence requirement, Tenix Datagate saw a market for it.

There is a broadly based ongoing relationship between DSTO and Tenix Datagate, and the company expects to produce further products based on DSTO technology.

-Continuing to operate within Australia would limit the possibilities."

Geoff Rhodes, Tenix Datagate
After acquiring Vision Able, Tenix saw the need to expand internationally. "Continuing to operate within Australia would limit the possibilities," says Rhodes.

Market research outside the Departments of Defence and Foreign Affairs showed the desktop devices should be repackaged in a more contemporary style, as the military look and feel wasn't well received by potential customers. That new packaging is currently undergoing final certification in Australia. The original version is certified by the Defence Signals Directorate (DSD) to ITSEC (Information Technology Security Evaluation Criteria) E6, the highest classification. ITSEC is recognised throughout Europe and in Australia and New Zealand, whereas the US and many other countries recognised the Common Criteria instead. "We're currently undergoing certification in the US to EAL7 [the highest CC level]," says Rhodes. "It's the first product anywhere in the world to undergo certification at that level."

Being a pioneer has its drawbacks: the process is taking about 18 months, but it will allow an aggressive move into the US market, he says. The company realised it needed the "look and feel" of a US organisation in order to achieve success there. Having Australian citizens at the head of the operation was not going to be effective, so the operation there is now predominantly led by US nationals. (The Tenix group has begun to apply this lesson to its other overseas operations.) Reflecting the culture of a market in this way is relatively easy for a sizeable company such as Tenix, but Rhodes suggests smaller businesses might struggle to make the necessary investment.

Developing technology products in Australia has its plusses and minuses. As a nation, "we're intellectually agile," says Rhodes, which means smaller organisations can take a concept and develop a product from it. The problem comes in taking that product to the world. The same egalitarian nature that helps turn ideas into reality can hinder us when we try to capitalise on them, he suggests.

Finding the right staff can be a challenge, but "good organisations don't have a great deal of difficulty in obtaining and retaining good people," says Rhodes, and cooperation with Australia's world-renowned educational institutions helps provide an edge in this area.

The tax treatment of R&D expenditure "encourages innovation" but it is not a deciding factor in investment decisions according to Rhodes, though he speaks highly of the state and federal governments, which he says are more commercially aware than they were even five years ago. All state governments are very interested in supporting their local industries in practical ways, he says, and he has good things to say about federal agencies as well. DSTO is becoming more commercially aware, and the Defence Signals Directorate "has been very, very helpful" in supporting the US certification process and export licences and regarding export licences. Austrade provided him with valuable support and local understanding at a low cost during a recent visit to Taiwan. "I'm impressed by the calibre of the people and their market knowledge," he says.

Taten
Sometimes it can be difficult to gain market acceptance even the product is a reimplementation of a commercially proven technology.

In the late 1990s, Taten CEO Jeff Lim realised there was a fundamental mismatch between the way the Web provides broad access to information and the access control model implemented by most back-end applications. Web-enabling an application typically transforms the number of users from tens or hundreds to many thousands, and it's difficult to manage that many. "Most backend systems don't manage users at all well," he says. The answer, he believes, has two aspects. The first is to classify users and control their access according to their classifications. There's nothing revolutionary about that: an employee might be able to see their own HR information but not anybody else's, except that managers might be able to see certain information relating to their subordinates. Most applications that implement something like this assume that issues of group membership are determined when the user logs into the system, but in a Web-enabled environment the user is typically the front-end application, not a real person.

Secondly, most security models are centralised. While that works well with relatively small user populations, it doesn't scale well. As the number of users increases, it makes more sense to allow delegation so users effectively become self-managing.

This problem was of interest to Lim because Taten is a successful and profitable company that specialises in "Web-evolving" (his term of using Internet technologies to extract costs from processes or to create new markets) other businesses.

-In the US you can get an audience -- Australian companies are less inclined to do that."

Jeff Lim, Taten
Being unable to find a generic access control mechanism that worked at the application level, he created one and named it iSecure. The first implementation took about three months, and it has been progressively developed since then.

iSecure has been used in a range of real-life systems, including Taten's my2ic wealth management platform (where it allows individual clients to grant access by their accountant to selected information at particular times, for instance), and a Web-enabled property management system for real estate company Knight Frank. If you consider how many different properties might be leased by a large tenant such as a bank, it makes sense to give the tenant the ability add or delete users and give them rights to access (and perhaps change) information relating to the building that each user manages. Other applications include graduate job placement and vehicle fleet leasing.

Various other companies address the question of identity management, says Lim, but not at the application level in terms of controlling access to information. Over the last two years, Taten has been trying to commercialise iSecure as a licensable product in its own right, rather than a component of the systems it develops for clients. While there have been some approaches from large companies with major web projects, they are only looking for the old model of single sign on and restricted access to applications, says Lim.

There's also an element of cultural cringe, he says, along the lines of "if it hasn't come from America it can't be any good". At one major bank, Lim was told an Australian company couldn't possibly understand the problem of the complexity involved, even though Taten had successfully deployed the technology in the financial services area with many thousands of users (and iSecure has been built to work with many hundreds of thousands of users).

Consequently, Taten is looking for partners to help commercialise iSecure as a product. "We recognise that in the hands of the right distribution partner this is a very handy generic tool to extend the range of application level security," says Lim. While there should be a big enough market for such a product in Australia, he has been unable get past the "if it was a good idea, someone else would have thought of it" barrier.

Lim suspects his brainchild would have fared better in the US, where more large organisations are looking for strategic advantage, so "you can get an audience -- Australian companies are less inclined to do that" as they don't want to risk getting too far ahead of the pack, he says.

He recognises the benefits of R&D tax concessions -- "a good thing for us" -- but says Start grants are worth less than the effort that's needed to obtain them. Putting the same effort into landing a contract in another area of Taten's business was likely to yield a greater reward, and "you've got to make every run count".

With the aid of an academic institution, he's also investigating the deployment of the technology in silicon for use in intelligent buildings, where there is a need to delegate authority to manage controls such as physical access, heating, and lighting. Current card access systems aren't domain controlled, he says, so if an employee loses his or her pass card, it can only be replaced with the involvement of the company managing the building security. iSecure would make it possible for an individual tenant's HR or administration manager to generate the new card, as they would only be able to grant access to common areas and those occupied by the organisation.

For now, Lim is resigned to patiently building a user base by incorporating iSecure in successive projects. This, he hopes, will eventually yield sufficient reference sites to break though the "is it American?" barrier.

"We might be the longest overnight success," he jokes.

This article was first published in Technology & Business magazine.
Click here for subscription information.


Page II: In this continuing series, we look at Australian technology companies and their struggles to turn good ideas into commercial successes.
Click here for Up-and-coming Australian tech companies: Part 1

NETaccounts
NETaccounts' genesis occurred when executive chairman Marc Lehmann realised there was a gap in the market for accounting tools for small businesses and investors.

"Small businesses weren't able to do their accounting very well," says CTO Grant Young. The existing software was aimed at accountants, not business owners, so "we've tried to rethink the way we do things". Although NETaccounts' software still uses double-entry bookkeeping at its core, that is hidden from users. "We're working in real-world scenarios," and combined with restructured reporting that gives all the information a small business operator needs but in a simpler form, NETaccounts is more appropriate for this audience.

The company realised that potential users were already comfortable with the Web due to the wide adoption of Internet banking in this sector, so online delivery was a core principle of the project. This also frees NETaccounts from the problems of distributing physical copies of the software and subsequent updates, and users are relieved of the task of installing and managing the software, and of backing up their data.

Another aim was that people should be able to use the system with minimal or no training. The combination of standard Web navigation plus user interface elements based on popular software such as Microsoft Word helped achieve that goal.

-Large slabs of what we do would be suitable for multiple markets."

Marc Lehmann, NETaccounts
Development began with ASP as the programming model. The core libraries were built, and the project was about 70 percent complete when .NET arrived. "We waited for version 1.1 before we used it," says Young, but almost all the subsequent work has been done in .NET. This meant redeveloping the core libraries, which is an ongoing process. "You're always going to have a certain amount of legacy items holding you back," he explains.

The software is all developed in-house, primarily by company employees but with the occasional use of temporary specialists. "We haven't had a problem" finding technical staff with the right skills. The company employs mainly recent graduates with a few experienced staff in key positions. The tech crash meant skilled staff were in good supply when the company needed them, and local graduates have good skills.

NETaccounts works to a rapid deployment schedule with upgrades every three months or so, although major upgrades may take six months. "Our development model is very customer-centric," says Young, and it responds to customer feedback and requests for new features. The company is able to quickly enhance a transaction with a new feature that brings a big advantage to the customers that wanted it, but with minor impact on the others.

"That flexibility is one of our comparative strengths and we try to leverage that wherever we can," he says.

To date, NETaccounts' efforts have been focussed on the local market, but overseas expansion is possible. "The basics of running a business are consistent across the world," says Young. "Large slabs of what we do would be suitable for multiple markets," and the component architecture means it would be relatively simple to adapt for other countries. The system as it stands is most suited to countries with similar GST-style regimes such as the UK and New Zealand, so they are the most likely export destinations.

The company was originally funded by its founders, a situation where "the vision and the money go hand in hand," as Young puts it. Some key employees received equity as a way of getting the required talent more cheaply. More recently, NETaccounts' primary funding has come from a single private investor.

The company hasn't sought government support. That avenue was investigated in the early stages, but was too export oriented, and NETaccounts needed money at the R&D stage, not during commercialisation. "We're not particularly suited to the grants that are available," says Young. In any case, "we prefer to get on with getting the job done" rather than "fulfilling the requirements of a grant we may not get."

Product promotion is "probably the biggest struggle for us," says Young. The business is very seasonal, as businesses look for an answer to their accounting problems in time for the year-end processing, or they take the end of the tax year as an opportunity to change or upgrade their systems.

Most customers have been acquired from a related bookkeeping service or via online advertising. Direct mail and the free trial promoted on the company's Web site have also brought in clients, and NETaccounts plans to extend its promotional activities to opt-in e-mail, placed search and advertising in online newsletters.

"We have to convince the customer and reassure their accountant," says Young. "There's a fair amount of inertia in the accounting industry" because of all the other changes (eg, in tax law) they face.

Limited reseller and "white label" programs are in place, but NETaccounts needs to balance its resources between the immediate benefits of direct sales and those from long-term partnerships.

Tenix Datagate
As part of the larger Tenix group (Australia's largest indigenous defence company), Tenix Datagate is the odd man out among the companies described here as it doesn't rely on outside investors or executives' own funds. Group senior management are very committed to developing intellectual capital and providing the resources needed for that, says Tenix Datagate general manager Geoff Rhodes. Where smaller organisations may develop an idea with a view to selling the business to a larger player, Tenix is looking to expand by buying Australian and overseas companies with strong intellectual property.

The Defence Science and Technology Organisation (DSTO) created a technology known as Starlight to allows the one-way movement of data from a less secure network to a more secure one. DSTO entered into a commercialisation contract with a company called Vision Able, which Tenix purchased and renamed Tenix Datagate.

The basic product is the Data Diode, a hardware device that provides the one-way bridge between networks of different classifications. Normal network operation assumes two-way communication -- packets of data are acknowledged either explicitly or implicitly (eg, the acknowledgement of one packet might also imply that all previous packets have been received) -- but the whole point of the Data Diode is to enforce one-way communication. Software to support unidirectional e-mail, file transfer, streaming data, and information transfer via the clipboard is therefore offered.

Two desktop devices have also been developed. One is a secure KVM (keyboard, video, mouse) switch for people who use two PCs with different security classifications -- this is the product that the Department of Defence wanted, along with the Data Diode and supporting software. The other combines the switch with a Citrix-based thin client taking the place of the "low side" PC. While this was not a Defence requirement, Tenix Datagate saw a market for it.

There is a broadly based ongoing relationship between DSTO and Tenix Datagate, and the company expects to produce further products based on DSTO technology.

-Continuing to operate within Australia would limit the possibilities."

Geoff Rhodes, Tenix Datagate
After acquiring Vision Able, Tenix saw the need to expand internationally. "Continuing to operate within Australia would limit the possibilities," says Rhodes.

Market research outside the Departments of Defence and Foreign Affairs showed the desktop devices should be repackaged in a more contemporary style, as the military look and feel wasn't well received by potential customers. That new packaging is currently undergoing final certification in Australia. The original version is certified by the Defence Signals Directorate (DSD) to ITSEC (Information Technology Security Evaluation Criteria) E6, the highest classification. ITSEC is recognised throughout Europe and in Australia and New Zealand, whereas the US and many other countries recognised the Common Criteria instead. "We're currently undergoing certification in the US to EAL7 [the highest CC level]," says Rhodes. "It's the first product anywhere in the world to undergo certification at that level."

Being a pioneer has its drawbacks: the process is taking about 18 months, but it will allow an aggressive move into the US market, he says. The company realised it needed the "look and feel" of a US organisation in order to achieve success there. Having Australian citizens at the head of the operation was not going to be effective, so the operation there is now predominantly led by US nationals. (The Tenix group has begun to apply this lesson to its other overseas operations.) Reflecting the culture of a market in this way is relatively easy for a sizeable company such as Tenix, but Rhodes suggests smaller businesses might struggle to make the necessary investment.

Developing technology products in Australia has its plusses and minuses. As a nation, "we're intellectually agile," says Rhodes, which means smaller organisations can take a concept and develop a product from it. The problem comes in taking that product to the world. The same egalitarian nature that helps turn ideas into reality can hinder us when we try to capitalise on them, he suggests.

Finding the right staff can be a challenge, but "good organisations don't have a great deal of difficulty in obtaining and retaining good people," says Rhodes, and cooperation with Australia's world-renowned educational institutions helps provide an edge in this area.

The tax treatment of R&D expenditure "encourages innovation" but it is not a deciding factor in investment decisions according to Rhodes, though he speaks highly of the state and federal governments, which he says are more commercially aware than they were even five years ago. All state governments are very interested in supporting their local industries in practical ways, he says, and he has good things to say about federal agencies as well. DSTO is becoming more commercially aware, and the Defence Signals Directorate "has been very, very helpful" in supporting the US certification process and export licences and regarding export licences. Austrade provided him with valuable support and local understanding at a low cost during a recent visit to Taiwan. "I'm impressed by the calibre of the people and their market knowledge," he says.

Taten
Sometimes it can be difficult to gain market acceptance even the product is a reimplementation of a commercially proven technology.

In the late 1990s, Taten CEO Jeff Lim realised there was a fundamental mismatch between the way the Web provides broad access to information and the access control model implemented by most back-end applications. Web-enabling an application typically transforms the number of users from tens or hundreds to many thousands, and it's difficult to manage that many. "Most backend systems don't manage users at all well," he says. The answer, he believes, has two aspects. The first is to classify users and control their access according to their classifications. There's nothing revolutionary about that: an employee might be able to see their own HR information but not anybody else's, except that managers might be able to see certain information relating to their subordinates. Most applications that implement something like this assume that issues of group membership are determined when the user logs into the system, but in a Web-enabled environment the user is typically the front-end application, not a real person.

Secondly, most security models are centralised. While that works well with relatively small user populations, it doesn't scale well. As the number of users increases, it makes more sense to allow delegation so users effectively become self-managing.

This problem was of interest to Lim because Taten is a successful and profitable company that specialises in "Web-evolving" (his term of using Internet technologies to extract costs from processes or to create new markets) other businesses.

-In the US you can get an audience -- Australian companies are less inclined to do that."

Jeff Lim, Taten
Being unable to find a generic access control mechanism that worked at the application level, he created one and named it iSecure. The first implementation took about three months, and it has been progressively developed since then.

iSecure has been used in a range of real-life systems, including Taten's my2ic wealth management platform (where it allows individual clients to grant access by their accountant to selected information at particular times, for instance), and a Web-enabled property management system for real estate company Knight Frank. If you consider how many different properties might be leased by a large tenant such as a bank, it makes sense to give the tenant the ability add or delete users and give them rights to access (and perhaps change) information relating to the building that each user manages. Other applications include graduate job placement and vehicle fleet leasing.

Various other companies address the question of identity management, says Lim, but not at the application level in terms of controlling access to information. Over the last two years, Taten has been trying to commercialise iSecure as a licensable product in its own right, rather than a component of the systems it develops for clients. While there have been some approaches from large companies with major web projects, they are only looking for the old model of single sign on and restricted access to applications, says Lim.

There's also an element of cultural cringe, he says, along the lines of "if it hasn't come from America it can't be any good". At one major bank, Lim was told an Australian company couldn't possibly understand the problem of the complexity involved, even though Taten had successfully deployed the technology in the financial services area with many thousands of users (and iSecure has been built to work with many hundreds of thousands of users).

Consequently, Taten is looking for partners to help commercialise iSecure as a product. "We recognise that in the hands of the right distribution partner this is a very handy generic tool to extend the range of application level security," says Lim. While there should be a big enough market for such a product in Australia, he has been unable get past the "if it was a good idea, someone else would have thought of it" barrier.

Lim suspects his brainchild would have fared better in the US, where more large organisations are looking for strategic advantage, so "you can get an audience -- Australian companies are less inclined to do that" as they don't want to risk getting too far ahead of the pack, he says.

He recognises the benefits of R&D tax concessions -- "a good thing for us" -- but says Start grants are worth less than the effort that's needed to obtain them. Putting the same effort into landing a contract in another area of Taten's business was likely to yield a greater reward, and "you've got to make every run count".

With the aid of an academic institution, he's also investigating the deployment of the technology in silicon for use in intelligent buildings, where there is a need to delegate authority to manage controls such as physical access, heating, and lighting. Current card access systems aren't domain controlled, he says, so if an employee loses his or her pass card, it can only be replaced with the involvement of the company managing the building security. iSecure would make it possible for an individual tenant's HR or administration manager to generate the new card, as they would only be able to grant access to common areas and those occupied by the organisation.

For now, Lim is resigned to patiently building a user base by incorporating iSecure in successive projects. This, he hopes, will eventually yield sufficient reference sites to break though the "is it American?" barrier.

"We might be the longest overnight success," he jokes.

This article was first published in Technology & Business magazine.
Click here for subscription information.