The Enterprise Hacker Rises

As a product manager at Google, Apple, and Wildfire, I’d at times spot a new breed of hacker in the wild. They lurked in the most sensitive areas of the business. They hunted for ways to manipulate, bend, and break our systems. I took to calling them Enterprise Hackers. If you’re smart, or just lucky, they are already inside your company — and they might just save your bacon.

Today, I am seeing Enterprise Hackers in increasing numbers. Their growing legion makes perfect sense. A new wave of web-based software (SaaS in the parlance) empower these hackers to hack solutions to your top problems, often without any technical training. This movement is being driven by SaaS enterprise products with consumer-grade interfaces, freemium business models, and new “glue” services — that allow the output of one system to be fed into the input of another — such as automatically creating a Salesforce CRM lead from a new Shopify ecommerce order. All without having to write a line of code.

Until recently, Enterprise Hacking was still largely the realm of people with technical backgrounds, and involved a lot of improvisation and duct tape. I spent several years at YouTube at one point leading a group that built tools for our internal teams to combat bullying, spamming, and other lousy behavior on the site.

We pieced together solutions with a mashup of code, scripts, and browser plugins, pretty much whatever got the job done quickly. It required recruiting people with a knack for support operations, but also some significant technical expertise. I found that these sorts of people were incredibly hard to find. That wasn’t the only difficulty we faced. Maintaining and scaling our tools was also a constant challenge as YouTube’s user base hurtled toward a billion. While we could talk with our data warehouse engineering team a few cubes away, in some organizations it requires engaging with the IT department to define, pick, implement, and maintain an ETL (extract, transform, and load) tool. Touching any sort of user data was a big pain, as it is in many organizations. Headaches all around.

The situation is vastly different today. A growing crop of startups is providing SaaS tools that can be used by Enterprise Hackers without technical backgrounds, and the power of connecting these point solutions is tremendous. If I were doing this today, my YouTube team’s arsenal would have included:

  • Big data analytics and machine learning to spot spammer patterns (
  • Business intelligence tools to create dashboards to track and communicate hot spots (GoodData*)
  • Powerful scripting languages that can string together both internal and external SaaS systems to automate a host of business processes (Zapier)
  • Drag-and-drop ETL designers to more easily access data sets (SnapLogic*)
  • Tools to quickly create mobile versions of enterprise apps without writing code (Capriza*)
  • A/B testing services to redesign and optimize web app user experiences (Optimizely)

(*) a16z portfolio company

What makes today’s Enterprise Hacking especially exciting to watch — and especially powerful — is that it is taking root in unexpected places.

People in sales, marketing, operations, and finance are becoming masters of these new tools, and this is where the Enterprise Hacking movement really kicks into overdrive.

Folks in these organizations can enable your company to scale rapidly, adapt to change, and serve customers better because they are embedded in your organization and already know how things really get done. They’ve always had the relationships and intimate knowledge of products and customers to solve the problems they see around them, but now they also have the power tools to scale their ideas.

But as with all power tools, you’d better use them correctly or hazard some serious damage. Done right, the efforts of Enterprise Hackers can markedly improve the performance of your organization while also relieving some pressure on engineering and IT. Done wrong, and those same efforts can create unmaintainable patchworks of code and data that can dangerously leak into your organization’s mission critical pathways.

That is the risk you take, but it can be managed. And more than likely, there are already Enterprise Hackers in your organization. So how do you leverage and promote the practice the right way?

First off, many SaaS tools can be trialed on a freemium basis, so it’s easy for your team to get started as they cast about for a problem to attack. Encourage your Enterprise Hackers to first focus on improving your internal systems, where they may have an advantage over your engineering team. A consumer-grade user experience is the new enterprise standard, so leverage that recent college grad on your support team who is steeped in the latest consumer apps. They can help build a more intuitive consumer-grade user experience into the systems they use at work, and that can lead to a big boost in your organization’s productivity.

Product and engineering will still play an important role in all this, however. They can provide a sandbox environment where enterprise hackers can stand-up new apps, access data feeds, and authenticate accounts without impacting production systems or data. Product and engineering should also clarify what they should exclusively manage and where Enterprise Hackers should stay clear.

The Enterprise Hacking movement can be especially valuable for startup CEO’s. A startup environment with tight budget constraints can often drive people to build duct tape solutions. This is often a better route than spending time evaluating and paying for an external solution. It’s likely that you’ll outgrow that solution in six months anyways, so why burn scarce resources purchasing something with a short shelf life? CEO’s should invite teams to prototype their ideas by providing a small budget in time or money that employees can tap into with a good proposal, and create events to publicly reward innovative hacks.

I am not suggested that Enterprise Hackers are the answer to all your prayers. But they are a growing and valuable asset you may not even know you have, and one that can help solve your company’s most pressing problems more quickly and cheaply from the inside.

Tom Rikert is a partner at Andreessen Horowitz on the investing team. Previously, he was director of product management at Wildfire, a social media marketing company acquired by Google in 2012. Prior to Wildfire, Tom was a product manager for Google, where he worked on YouTube and AdWords. Follow Tom on Twitter @tomrikert. A version of this story first appeared in Fast Company.



The views expressed here are those of the individual AH Capital Management, L.L.C. (“a16z”) personnel quoted and are not the views of a16z or its affiliates. Certain information contained in here has been obtained from third-party sources, including from portfolio companies of funds managed by a16z. While taken from sources believed to be reliable, a16z has not independently verified such information and makes no representations about the enduring accuracy of the information or its appropriateness for a given situation.

This content is provided for informational purposes only, and should not be relied upon as legal, business, investment, or tax advice. You should consult your own advisers as to those matters. References to any securities or digital assets are for illustrative purposes only, and do not constitute an investment recommendation or offer to provide investment advisory services. Furthermore, this content is not directed at nor intended for use by any investors or prospective investors, and may not under any circumstances be relied upon when making a decision to invest in any fund managed by a16z. (An offering to invest in an a16z fund will be made only by the private placement memorandum, subscription agreement, and other relevant documentation of any such fund and should be read in their entirety.) Any investments or portfolio companies mentioned, referred to, or described are not representative of all investments in vehicles managed by a16z, and there can be no assurance that the investments will be profitable or that other investments made in the future will have similar characteristics or results. A list of investments made by funds managed by Andreessen Horowitz (excluding investments and certain publicly traded cryptocurrencies/ digital assets for which the issuer has not provided permission for a16z to disclose publicly) is available at

Charts and graphs provided within are for informational purposes solely and should not be relied upon when making any investment decision. Past performance is not indicative of future results. The content speaks only as of the date indicated. Any projections, estimates, forecasts, targets, prospects, and/or opinions expressed in these materials are subject to change without notice and may differ or be contrary to opinions expressed by others. Please see for additional important information.

The enterprise is changing

Sign up for our enterprise newsletter to get the a16z take on the trends reshaping B2B and enterprise tech.