BoxyHQ  -  The must-have for your startup’s next enterprise customer

Introduction

BoxyHQ enables you to add plug-and-play enterprise-ready features to your SaaS product.

The Why

It initially started with identifying the pain of developers having a TON of responsibility — right from infrastructure to actually building the product.

And with the growing cybersecurity attacks, they need to start thinking about security as well.

[Cyber-crimes are predicted to cost $10.5 trillion annually by 2025]

The goal is to help smaller startups become enterprise-ready.

Because until there’s an enterprise client coming in, security is usually an afterthought.

But they (enterprise customers) are the ones who question your security posture, compliances and more — as a company.

[About 70% of development teams skip crucial security steps due to time pressures.]

That’s where BoxyHQ comes in.

But wait… What is enterprise-readiness?

In a nutshell, it’s being secure, scalable, stable, and easy to run in production.

According to Sama — Carlos Samame (Co-Founder), there are 2 paths for startups towards the need to be enterprise-ready:

1. Initially focused on smaller customers and now looking to expand.

OR

2. Building a new product and targeting enterprise customers from Day 1.

But how do things look like from the enterprises’ end?

Enterprise customers are often apprehensive (concerned) about trusting startups vs. established businesses. Because the stakes are usually much higher.

They’re mainly looking for 2 things:

1. Your other enterprise customers (helps credibility)
2. Whether you follow the compliance requirements (key necessity)

They look for quite a few standards to be met in a solution provider 👇🏻

Before you feel overwhelmed, he further adds that you don’t need to start building all of this, and focus on 3 key areas:

1. Customer obsession
Understand their current needs, pains, motivations, processes, and most importantly — whether the plenty of software they already use will work smoothly with yours.

2. Time to market
Invest in off-the-shelf enterprise readiness solutions that you can integrate into your SaaS app vs. spending months building in-house. Spend more time on your core product vs. non-core features.

3. Reduced engineering costs
Investing in external solutions saves developer time spent on coding, fixing bugs, and the overall learning curve.

“People’s time is more expensive than developer tools.”

A great way is to rely on open easily available open source solutions.

Source: Be enterprise-ready: 3 reasons not to build enterprise features!

The BoxyHQ suite — in the chronological order of release.

1. Open Source SAML Jackson

Yep, that’s the product’s name. Pulp Fiction fans get the reference but for others–

💡 Pulp Fiction is a 1994 American crime film written and directed by Quentin Tarantino. Samuel Jackson starred in a leading role.

SAML SSO was the first product created by Team BoxyHQ — pioneering their vision for enterprise readiness. (Launched on August 4, 2022)

SAML: Security Assertion Markup Language
SSO: Single Sign-on

What does it do?
It offers an out-of-the-box solution for deploying SAML quickly and efficiently — helping your *enterprise customers manage access controls on their systems.

How does it work?
Just connect your product to BoxyHQ and everything else is managed for you!

BoxyHQ connects to almost every identity providers for you to go from the first line of code to fully support SAML in just a week!

What are its benefits?

Centralized management and increased security 🔒
Enable your customers to manage access control on their own systems so they can:

- Have the right access
- Prevent password sharing
- Easily grant and revoke access as needed

Better user experience ✨
Just need to log in once to access all the external services on a dashboard with a single click. It’s simple and easy to use.

- Saves users’ time
- Improves your product’s UX

Reduces cost​s 💲
All the account information is maintained and managed by the IdP vs. multiple services. This helps in saving costs.

(IdP is the identity provider — the single point that let its users access all the services from it)

“The idea behind SAML SSO is that by centralizing your access to an external system you can better manage access and permission as well as improve security.”

- Aswin Venugopal, Senior Software Engineer

TL;DR

Without BoxyHQ’s SAML SSO, on the user side 😔

- Spend a long time to build a SAML integration
- Create integrations for each of your customer’s identity providers (IdP)
- Spend time, energy, focus, and resources away from your core product

With BoxyHQ’S SAML SSO authentication 🤠

- Centralize management
- Improve security
- Enhance user experience
- Increase productivity
- Save time, reduce costs

On the solution provider’s side, it looks like:

Typically, for each IDP you have to connect all the instances of your product and build a unique integration. This can take months and take the focus away from your team building your core product.

Here, you only have to connect your product with a direct integration to BoxyHQ and then it manages and connects you to all the IDPs. You can deploy SAML SSO with just a few lines of code!

🔗 The sources are linked here and here (official BoxyHQ blogs)

“Deepak (Co-Founder) himself helped us implement SSO SAML in cal.com and we’re more than happy about it! it’s great to finally see an open source project tackle enterprise-ready features!”

— Peer Richelsen, Co-Founder at Cal.com

Note: Team BoxyHQ recently re-launched the enhanced SAML SSO on Product Hunt! 🚀

2. Open Source Directory Sync

Organizations use directories from different providers to manage user access to organization resources.

BoxyHQ’s Directory Sync lets orgs activate and deactivate user accounts, create groups, and keep their app in sync with the user directory in real time.

💡 In an enterprise customer context, a directory is a central repository that holds information about employees, customers, and other resources in a company.

In simple words, you enable your customers to:
- Have higher security standards
- Centrally manage their user’s access lifecycle

It supports the SCIM 2.0 protocol*

*SCIM: System for Cross-domain Identity Management

“Directory Sync streamlines the user lifecycle management process by saving valuable organizational hours, creating a single truth source of the user identity data, and facilitating them to keep the data secure.”

Docs

Learn more: Examples & Resources (Directory Sync)

3. Open Source Audit Logs

BoxyHQ’s Audit Logs ‘Retraced’ offer your enterprise customers the ability to record and search events that happen on your application.

Note: Retraced was initially built by Replicated and has been enhanced by BoxyHQ.

They provide a detailed record of user actions, and can be used to monitor potential security breaches, compliance violations, and other issues.

“The world’s best SaaS companies offer detailed Audit Logs, your SaaS should too as you move into serving the enterprise segment.”

— Vanshika Srivastava

Why are Audit Logs important?

For most companies, the ability to monitor the flow of data and be alerted to any breaches is super essential.

Audit logs help to pinpoint any misuse of information and ensure that data policies are followed ✅

This one simple API helps you become compliant fast, and ensure your customers get all the functionality and safety they need.

4. Admin Portal

Manage Enterprise SSO, Directory Sync, and Audit Logs products via an easy-to-use web interface.

It can help you streamline your workflows and increase productivity.

You can use the authentication method of your choice (Magic Link, Email and Passsword, SAML/OIDC Single-sign-on)

BoxyHQ’s future products (where relevant) will also be available in the Admin Portal.

To enable the Admin Portal, you need to deploy Jackson as a service.

5. Data Privacy Vault

In the day and age of high cyber-crime, and increasingly sensitive data– you need to protect your customer’s data and trust.

Privacy Vault is BoxyHQ’s open-source solution to centralize, isolate, and govern all the sensitive data you collect.

With the Privacy Vault, you can:

• Identify all the sensitive data from clients’ application database, and move it to the vault.
• Replace the sensitive data in their application database with (exchangeable) opaque tokens.
• Gain control over where the sensitive data goes, who has access to it and for what duration.
• Create access policies that adhere to data regulations and geographic regulations.
• Get the ability to respond to DSRs (Data Subject Requests) from customers.

What users are saying 💬

“It let our team focus on what we do best (democratizing scheduling for everyone) without getting distracted by the needs of our enterprise customers. Did I mention it’s open-source and free?”

Super Tokens — An open-source authentication solution

“We at SuperTokens needed to provide SAML login to our users, and instead of building it from scratch, we found the perfect open source project — BoxyHQ!”

Meet the Founders ✨

Deepak has over 2 decades of experience in design, architecture and development of complex software products across different SaaS and mobile platforms.

Sama has 15+ years of experience working at tech companies across different business areas and continents.

The BoxyHQ Pledge 📜

“As long-time users and contributors to the open-source ecosystem, we want to do the right thing for the community. That means we will make sure that our core open-source code stays open. We will also strive to use open standards where possible. We want to collaborate with the community to build towards our vision to make security, compliance and privacy easy for developers so they can focus on their core product while being compliant...”

Learn more here: BoxyHQ pledges to keep our core open-source code open

What’s Next for BoxyHQ 🚀

The team is currently building a new SaaS platform, and giving 50% off for the first year’s subscription!

You can sign up for the waitlist before August 1, and make the most of this limited-time offer.

Check out BoxyHQ’s GitHub page, official documentation, and Twitter profile 🚀

And don’t forget to follow Scoutflo on Twitter if you haven’t already! ✨

We’re also active on LinkedIn 💙