Reflections on being named a Forbes Cloud 100 Rising Star

Leading up to our GA release in late April, we wondered what life would be like post-launch. Even if we felt we had the best platform, would others? After all, tokenization is still in its infancy. What would demand look like? Would the market embrace our new approach to tokens?

Since then, our calendars have been packed with discovery interviews and sales meetings with companies big and small, private and public, domestic and international—all coming forward with great urgency. Basis Theory responded in kind. We hired Casey Clegg as our President to further operationalize all aspects of our business, opened an office in India to serve our growing customer base across the APAC region, and successfully onboarded a cohort of customers that included three unicorns and one publicly traded company. 

I don’t expect things to slow down soon. If being in the startup ecosystem for almost 15 years has taught me anything, it’s that the singular most important ingredient to success is timing. So what’s driving our time now? Why are companies seeking out tokenization to secure their data? Why did Forbes and their experts tag Basis Theory as one of 20 Rising Stars? 

The value of tokenization is going mainstream

I always say ‘tokens are magic’—and they really are—but it’s not just me anymore. Boards and c-suite executives are focusing on differentiation and pushing their companies to outsource anything that isn’t core to their business. Tokenization platforms offer both by providing the compliant and secure infrastructure needed to use and protect sensitive data while giving teams the flexibility and access needed to innovate quickly. And, even in the current recessionary environment, platforms like ours continue to be prioritized in IT budgets by 2x as compared to anything else.

Developer-first is working

Most exciting is that the actual users of these solutions (ahem, developers!) are making the buying decisions. This is one reason why we focus so much on the individual developer. 

The other reason, as I discussed in a previous post on data security as a developer service problem, is that better developer experiences mean better security and adherence. This lens informs everything we do—not just developer onboarding and the documentation, but even how we think about implementations, token design, and our contributions to open source. Simplifying the developer experience means allowing engineers to manage their implementation as code, having a truly API-first approach, and enabling new opportunities closer to the data. Rinse and repeat.

#TheGreatRegulation

Ever since the General Data Protection Regulation in Europe (GDPR, or occasionally, the “Great Destroyer of Product Roadmaps”), the introduction of regional, national, and local data residency and privacy laws has accelerated. 

According to the Information Technology and Innovation Foundation and New York Times, “The number of laws, regulations and government policies that require digital information to be stored in a specific country more than doubled to 144 from 2017 to 2021.” We’ve learned that about another 50, including France, Austria, and South Africa, also have similar laws in the pipeline. 

And those are just data residency laws. 

Data privacy laws also continue to challenge the capabilities and demands of companies. Later this year, India expects to pass a sweeping new version of its old Personal Data Protection Bill (PDPB) while Kenya's Office of the Data Protection Commissioner (ODPC) began implementing its new law “protecting the right to privacy of persons within its borders” just last week. In the US, we now have comprehensive privacy legislation in California, Virginia, and Colorado with several other states looking to enact varying laws. I would not be surprised to see dozens more over the next few years. 

I’ve been calling this #TheGreatRegulation. 

While the movement is a huge step forward for individual consumers, GDPR showed the cost a patchwork approach imposes on companies—regardless of size or location. Significant investments and changes in infrastructure, code, and even business models were needed to comply with these kinds of regulations (some of which are still undergoing interpretation). These "if/then" statements add significant complexity to implement and maintain.

What we’re seeing and hearing from customers is a strong desire to own their regulated data, but an admission that the ongoing costs and risks to doing it well may be best left to those whose core business it is to ensure data is compliant and secure. 

That’s why we built Basis Theory: to give developers instant access to industry best practices on data security while making the data as accessible and flexible as plaintext.  

We can do better. Protect sensitive data but don’t let the #theGreatRegulation slow down innovation. Turn your data from a liability into an asset. Trust your developers. The time is now.

Interested in learning more? 

Have sensitive data you’re working to secure, scale, and share?  Reach out or take a look at our Getting Started guide. 

And, if this post spoke to you, it’s likely we’d like to speak to you, too. Head over to our careers page to learn more about our open positions.