Result

# CEO Plan Review: SMB → Enterprise Expansion

Pulling up a chair. This is a strategy call, not an implementation review, so I'll skip the error/rescue maps and code diagrams. You're asking the right person the wrong-sized question. Let me push on it.

## The honest first reaction

"This quarter" is doing a lot of work in that sentence. Enterprise is not a feature flag. It's a different company.

You're not expanding a product. You're starting a second company that shares a codebase with the first one. The buyer changes, the sales motion changes, the implementation timeline changes, the support SLAs change, the security posture changes, the contract structure changes, the org chart changes. The product is the smallest part of what changes.

Before we even get to "should we" — let's get to "what is this, really."

## Premise challenge

A few questions I'd want answered before I'd touch the timeline:

**1. Where is this coming from?**

Three very different origin stories, three very different answers:

- **Pull:** Enterprise prospects are showing up in your pipeline unsolicited, asking for SSO/SAML/audit logs/MSA terms, and you're losing them. → This is a real signal. Worth chasing.
- **Push:** Board pressure, growth math isn't working in SMB, runway conversation, "we need bigger ACVs." → This is a warning sign. Enterprise won't save a struggling SMB business. It will distract it to death.
- **Aspiration:** "Enterprise customers feel more legitimate." → Worst reason. Don't.

Which one is it? Be honest with yourself. The answer changes everything downstream.

**2. Have you sold a single enterprise deal yet?**

Not "talked to enterprise prospects." Closed. Signed MSA. Money in the bank. Going live with a real procurement-led deployment.

- If yes, how many? What did it actually take? How long was the sales cycle? What did they ask for that you didn't have?
- If no, you don't have a market yet. You have a hypothesis. The first 3 enterprise deals will teach you more than any plan will.

**3. What does your current SMB business look like?**

- Is SMB growing? Stalling? Churning?
- What's net revenue retention in SMB?
- If SMB NRR is below 110%, fix that first. Enterprise won't fix a leaky bucket.
- If SMB is humming (NRR > 120%, low CAC, strong word-of-mouth), then the enterprise question is "are we leaving money on the table from existing customers who grew up?"

The cleanest enterprise expansion is when your SMB customers grow into enterprise and pull you upmarket. The hardest is cold-starting enterprise sales from scratch.

## What "enterprise" actually means

People wave around "enterprise" like it's one thing. It's not. Let's be concrete about what 1000+ seat customers will actually demand:

**Product:**
- SSO / SAML / SCIM provisioning
- Role-based access control with custom roles
- Audit logs (often with export to their SIEM)
- Data residency (EU, sometimes India, sometimes on-prem)
- Custom data retention policies
- Admin console at the org level, not just team level
- Usage analytics and reporting for IT/procurement
- API rate limits scaled to their org
- SLA guarantees with financial penalties

**Security and compliance:**
- SOC 2 Type II (not Type I, not "in progress")
- Often: ISO 27001, HIPAA, FedRAMP depending on vertical
- Penetration test results, often annual
- Vendor security questionnaires (50-200 questions each, every deal)
- DPA, BAA, custom MSA terms
- Sub-processor disclosure and approval workflow

**Sales motion:**
- 6-9 month sales cycles, sometimes 12
- Multiple stakeholders: champion, economic buyer, security, legal, procurement, IT
- Pilot phase, then expansion, then renewal
- POCs that take 4-8 weeks
- Requires field sales, sales engineering, eventually customer success

**Support:**
- 24/7 coverage or business-hours with on-call escalation
- Named account managers
- Quarterly business reviews
- Implementation services / professional services org

This is not a sprint. This is a 12-24 month build-out if you're serious.

## The real question

"Should we expand this quarter" is the wrong question. Better questions:

1. **Should we commit to enterprise as a strategic direction?** (Yes/no, with eyes open)
2. **If yes, what does the 18-month roadmap look like, and what's the right *first* step this quarter?**

The first quarter of an enterprise motion almost never looks like "ship enterprise features." It looks like:

- Hire your first enterprise AE (8-12 week ramp)
- Start SOC 2 Type II audit (9-12 months to complete)
- Identify and sign 2-3 design-partner enterprise customers willing to deploy something rough
- Build SSO/SAML (4-6 weeks, table stakes, can't sell without it)
- Build the security questionnaire response library (one-time pain, ongoing leverage)

You don't "expand into enterprise this quarter." You *start* expanding this quarter. The expansion takes a year minimum to show up in revenue.

## Inversion: what would make this fail?

Munger's trick. What's the failure mode I'd worry most about?

**1. Founder attention split.** You and your best engineers get sucked into enterprise deals (POCs, security reviews, custom requests) and SMB product velocity collapses. SMB churn ticks up. You now have a weakening core business and a nascent enterprise business that isn't yet self-sustaining. This is the most common death spiral.

**2. Roadmap capture.** Your first enterprise customer demands 12 features that no other customer wants. You build them. Now you have a product that's slightly worse for SMBs and not yet good enough for the next enterprise. Repeat with customer #2.

**3. Sales motion mismatch.** You hire an "enterprise AE" who's actually a mid-market AE, or who came from a company with a totally different product. They burn 9 months and 3 deals before you realize it. Enterprise sales talent is hard to evaluate and expensive to be wrong about.

**4. Compliance treadmill.** SOC 2 turns into a full-time job for someone. Then a vendor asks for ISO. Then HIPAA. Then FedRAMP. Each one is 6-9 months and real money. You're now a compliance company that ships software on the side.

**5. The two-product problem.** Six months in, you realize enterprise needs deployment models (on-prem, VPC, BYO-cloud) that fundamentally diverge from SMB. Now you're maintaining two products. Engineering velocity halves.

If you can't articulate how you'll avoid each of these, you're not ready to commit.

## My recommendation

I can't give you a yes or no without the answers to the premise questions above. But here's the shape of the decision:

**If SMB is healthy and you have organic enterprise pull:** Yes, start this quarter. But "start" means the foundation work: first enterprise hire, SOC 2 kickoff, SSO/SAML, design partners. Not a GA enterprise launch. Frame it internally as a 4-quarter bet, not a quarter sprint.

**If SMB is struggling and you're hoping enterprise saves you:** No. Fix SMB first. A struggling SMB business cannot fund an enterprise motion. You'll run out of money before either works.

**If you have no enterprise validation yet (zero closed deals, no real pull):** Run a 90-day validation sprint instead of committing to expansion. Goal: close 3 lighthouse enterprise deals on your *current* product with manual workarounds. If you can close them, you've learned what to build. If you can't, you've saved yourself a year of misdirected work.

## What I'd want to see before we talk again

1. Origin story: pull, push, or aspiration? Be honest.
2. SMB health metrics: growth rate, NRR, CAC, churn.
3. Enterprise validation: any closed deals? Pipeline? What are they asking for?
4. Cash position: how many quarters of runway, and does the enterprise plan need to pay back inside that window?
5. Team: do you have anyone with enterprise sales/CS experience already? Who would lead this?

Bring those numbers and the answer becomes a lot clearer. Right now we're discussing the shape of a decision, not the decision itself.

The instinct to go upmarket isn't wrong. The timeline almost certainly is.