How I Grew My Retirement Project to Profitability

Hello! What's your background, and what are you working on?

My name is Michael (Tyler Crown is just my username), and since 2015 I’ve been working on QuotaGuard, my dynamic and static IP proxy service.

I currently live in Las Vegas, Nevada, but I’ve lived, studied, and worked all over the world, including in China, Poland, Hong Kong, Holland, and about a quarter of the states in the US. I’ve spent just over two decades as a software developer, information security/software consultant, and business owner. I tried retiring back in 2014, but after two years of hiatus, I really wanted to get back into building, scaling, and managing software projects to stave off boredom and obsolesce.

The QuotaGuard suite of products are used primarily by cloud-based application providers, larger cloud hosting services, and even other indie hackers to help secure protected and sensitive corporate resources or connect externally to other Internet services, like e-commerce sites.

Since 2015, the business has grown to over 2,000 customers and routes hundreds of millions of requests per year for our customers.


What motivated you to get started with QuotaGuard?

I wanted to get back into software development and operations in late 2014. A developer I met had a few ideas he'd been working on, but wasn’t interested in continuing with them as he had a different opportunity he wanted to pursue. His original idea, a dynamic and static proxy service for the cloud, sounded kinda' fun and promising, so I took the project over and dug into his products to see if I could build a viable business from what he started.

The original products had done fine in their limited market, but had not gained any type of long-term sustainability. Additionally, the product set had splintered into three separate, competing services and it was confusing for the end user to know what product to subscribe to in order to get the functionality they needed.

After getting familiar with the code and currently deployed integrations, I went back through all the old customer service tickets to see what people were saying about the products and overall experience. I noticed customers asking for exactly what the product did, but were so confused by the names, competing offerings, and mixed messages, that they didn’t realize we had their solution right in front of them.

I don’t remember the “AH-HA” moment, but at some point it made sense to simplify, remove, and cut down almost everything that was currently available. Start removing products, reduce the offerings, fix the conflicting marketing messages and product names, and basically start over as one offering, with one solution, for one problem.

This pivot to put all the focus on just one product and one code base had some "quasi-validation" since I had seen people who were paying customers actually asking for the product and demonstrating they would pay for it. Not exactly the most thorough product validation process I’ve ever been through, but it was better than nothing.

The lesson here is not only to pivot, but to sometimes look at a project with completely fresh eyes. I also had zero emotional attachment to what had been done, eliminating sunk cost concerns that may have influenced my decisions. Therefore, I could more easily tear it down to its essential elements and try again.

The barebones solution was to re-brand one of the Static IP solutions, retire the other one, leave the dynamic IP solution running on the side "as is", and focus exclusively on just the one Static IP proxy service. Since there were already two Static IP proxy solutions built out, the first problem was to figure out how to merge the two code bases and customers, two completely different marketing programs, and two different product names.

That proved harder than starting from scratch with the same idea because you already have legacy code that has no role in your future plans, but still must be maintained because customers use it actively every day.

What went into building the initial product?

I read just about everything I could get my hands on about how to be a successful small software development engineer, like patio11, Joel on Software, Ramit Sethi, and reviewed every “how to succeed in an online business” resource available. One of the things that was always stressed in many of these resources was to focus on your niche and keep that focus really narrow, almost narrower than you believe is viable. Thankfully, that concept stuck and I stayed focused on tearing the products down into just one service.

I had to say no to a lot of other ideas (like requests for Static IP/VPN solutions) just to solve this one single problem well. I figured if I could just do this one service, make it completely air-tight and delight my customers, it would be better than trying to solve two or three problems at the same time that were only marginally related.

Funding for the project, development, and deployment came out of my own savings. One piece of advice I give young engineers that want to stay in the career path they’ve spent decades perfecting: save money, because when you hit 35-40, you’re likely going to get eased out of your software development role, either into management or out the door. Ageism is a discriminatory practice that Silicon Valley is proud of and openly brags about, so make sure you’re paying attention and plan accordingly.

If you want to start your own business (especially once you see the writing on the wall in your 30s) you’ll need some money on the side to survive on. Having your own cash has a lot of advantages because you can work at your own speed, not answer to anyone, and keep your dignity by staying quiet when you fail the first few times (which will happen).

What's your tech stack?

I continued to build on the same primary stack, which was Go for the proxies, as it ran more effectively and was easier to deploy. Ruby for our dashboard app and for the integrations with the external marketplaces. The service itself runs on AWS and IBM Softlayer for the request routing tasks. And it goes without saying that Stripe was our only payment provider. Coming out of retirement with nothing on my plate but working through a few more beers, I was able to work on this full time and contract out for non-critical elements, like graphics, website maintenance, etc.

A secure packet routing service is a critical component for many businesses and needs to have as close to 99.99999% uptime as possible. It can’t be down for four hours performing updates or slowly recovering from an issue with a proxy. Scalability, security, and reliability are paramount, so that was the main focus for the application once all the fat was ripped away.

In my future endeavors, I’m not sure whether I will want to make a product that is so mission critical, because it comes with a lot of stress and 24 hour anxiety. I haven’t woken up a single day in the last five years without the fear that something might have gone wrong overnight and I’ll have 40 customer tickets in my inbox. The advantage of mission critical applications is the higher price point, but you have to really be sure you can support your infrastructure when the system scales.

How have you attracted users and grown QuotaGuard?

QuotaGuard was originally put on the Heroku platform marketplace as an add-on and I stuck with that model. More marketplaces were added, but they had the problem of different names, different code bases, different infrastructures... basically one problem solved ten different ways in 15 different places. Some I just left out there to wither and die, others I rebranded, reintegrated, and tried to do my best to let customers churn away so I could remove the old infrastructure for good. This wasn’t an easy process, one platform that I’ve been trying to get rid of just migrated the last customer over to our current QuotaGuard infrastructure in October 2019, over four years later.

Customer service isn’t a cost center just to answer questions... it’s your storefront.


Because of this restructuring of the product, there was no “launch”, per se. In fact, I tried to keep it as quiet as possible so paying customers didn’t realize I was swapping the things out underneath them for a different service, albeit one that was more reliable, stable, and scalable. Fortunately, I never had an issue with a migration or deprecation of the service.

Following the tear down, rebuilding, and rebranding of the Static IP service, I started to institute the more traditional sales processes to gain new users.

I did a few things to get customers to keep showing up at our door and knocking:

  • StackOverflow / Quora: Answered questions online that might be relevant to a static IP solution.
  • Google Adwords: Tons of self study to put up what I considered to be fairly noob ads, but they started to see conversions.
  • Landing Pages: I fully redid them, and this helped with Adwords conversions mainly, plus it now looked nice enough to show my friends!
  • New Marketplaces: I put QuotaGuard on more marketplaces like Microsoft Azure and IBM Cloud.

An extra word about marketplaces: marketplaces do take a large cut of every customer revenue dollar. However, they also do all the work for marketing, refunds, billing, and most technical questions. Being on a marketplace can be very helpful to get your name and business in front of thousands of potential customers much faster than any of the other methods above.

Being on a marketplace also conveys legitimacy where you can say, “Microsoft, Heroku, IBM, etc. have reviewed our solution and promote it on their corporate marketplace to their own business units, partners, and clients. So what other assurances do you really need to trust our system can handle your use case?”

By far the most successful sales channel has been the customer service portal where people contact me via our support system to ask all sorts of technical and billing questions.

I previously worked on an e-commerce business where the customer service team used the customer service communication channel to push the sales funnel. It was something I had never seen before and incredibly effective. Customers would write in asking if we could fix this bugs or add features. We would review their site both to look at the issue and to see what they still needed to improve in their store. We’d write back saying, “Yep, here’s how to fix the issue. Also, why are you running your store without X, Y, and Z like everyone else?” We'd then add in some reasons to use those tools. Within a few back and forth emails, we’d have them buying five more add-ons to their e-commerce store. They just didn’t know these products existed to speed up their checkout and make the customer-facing experience better.

That’s where I learned that the customer service channel is the secret weapon to growing your business and solving customer problems. To this day, I still haven’t been up-sold by any other company via customer service in the same way, not one single time, except by cable and phone companies.

Customer service isn’t a cost center just to answer questions. It’s not a “game” to see who can close the ticket in some minimum amount of time, it’s your storefront.

So long as what you are suggesting is solving a real problem, not spamming them with some irrelevant products hoping for a sale, then it can be a huge driver of future sales and customer retention.

Year Customers
'15 536
'16 928
'17 1434
'18 1852
'19 2110
Jan '20 2200

What's your business model, and how have you grown your revenue?

QuotaGuard is a perfect use case for SaaS type billing. Currently we only accept usage monthly subscriptions, just to keep it simple.

Simplicity is my religion in business. Every single one-off solution I allow is time debt against my future ability to “Get Things Done”.

I don’t care how much money someone dangles in front of me, once I start doing customized code for one customer, or a customized payment plan for another, I always regret it. Trust me on this one, even though I know this is one of those lessons one has to learn on their own by breaking the rule a few times.

We allow free trials for our direct sign up customers and marketplaces usually have their own rules for their pricing plans, but generally it will have some period of a trial or free plan. Roughly 75% of my current customers are paying customers, so that does show that many customers who sign up for a free plan on a marketplace just leave it sitting there. I purge unused accounts after a period of time, but the lesson is “don’t allow free trials that can go on indefinitely”, if you can help it.

Like I've mentioned, I love Stripe. Unless you expect to be selling B2C with lots of customers in growing economies, there is absolutely no reason to support PayPal at first. We only offer it today by request and only for larger clients, yet PayPal still is the worst solution for any billing challenge I have ever encountered.

QuotaGuard grew revenue roughly close to ten times its starting size when I took over in the past 4 years, the result of more customers, and increasing ARPU as customers move into higher tiers or add more subscriptions, and a laser like focus on providing top tier customer service. I hate to keep saying it, but customer service is where a business succeeds or fails.

I keep a very close eye on expenses and will spend hours eliminating a $5 monthly expense, so that I can continue to run as lean as possible. I do a all of my finance tasks by hand (except filing out annual tax forms) that I could easily pay a few thousand a year to have someone else do, but I consider doing expenses by hand essential to keep my pulse on the business.

One of those tasks is monthly P&L, which I still add to monthly on a customized spreadsheet I created. No accounting software can wrangle data like a simple spreadsheet to show you exactly the numbers you need to know for a SaaS business.


What are your goals for the future?

QuotaGuard continues to ride the momentum of business operations moving to the cloud. I continue to explore more opportunities that are focused on my narrow niche, but that can expand our service offering for customers. I enjoy working on the infrastructure of the cloud and am constantly looking for ways I could better serve the cloud community with simpler and easier to use tools.

Recently we launched QuotaGuard Shield, a HIPAA compliant end-to- end encryption solution, so my main focus is on gaining traction for that product. My goal is to get 100 customers on Shield by the end of March 2020. To accomplish this goal, my main focus will be on getting it in front of current customers that would benefit from the newer offering, as well as, traditional advertising and customer service support promoting the product.

The cloud is an opportunity to lower business costs, so even in a potential recession, I hope to be able to keep QuotaGuard stable as more companies move more projects to the cloud in response to tighter budgets.

What are the biggest challenges you've faced and obstacles you've overcome?

I’ll start with the biggest challenge I faced, that we all have, and none of us want to admit it to ourselves. It’s that most developers don't really want to start a business.

We consciously tell ourselves that “this” is what we want to do, but sub-consciously we elevate nothing but development and inconsequential business tasks to our todo list, optimizing all the wrong things, and just being a busy waterboy on the sidelines of the real game.

The moment normal business-y things come up that are not programming related, our facade is obvious. Things like learning financial accounting and cash flow statements, filing taxes, obtaining cyber intrusion insurance, hiring lawyers, performing corporate meetings to stay legally compliant, doing quarterly and annual taxes, finding business accountants, hiring employees, massaging a relationship with your local business banker, verifying financial cash flows, etc... Anytime those items come up, we think, “I’ll just brew update real quick and check that off my list.”

Everyone is guilty of this, myself included, I spent far too much time learning new languages and far too little time actually running a real business for way too long. There’s an ocean of responsibility shirking between saying “I’m an entrepreneur” and actually being one.

One of my biggest mistakes was realistic planning for growth and scalability.

I still can’t believe how complex it gets to operate the service in seven different global regions, all day every day, across a wide spectrum of business verticals, and handling dozens of unique use cases. It takes a tremendous amount of resources, strategic planning, and scalability to go from one customer to thousands of customers. My advice is to plan for scale and never stop thinking, “What happens if this grows two to three times in a year?” And then don't think about the revenue; think about if your infrastructure can truly handle it.


I also made the mistake of outsourcing my customer service for a few months. I completely lost touch with what my customers wanted and needed from the service. That’s a critical pulse item that every owner and operator really needs to know on a daily basis. Never fully outsource customer service, it’s the only way you know what’s really going on in your business.

Hiring for technical projects is always a challenge, and one that I've spent a lot of time trying to improve upon since going out on my own. Currently, I will only work with developers from Toptal because they do all the screening and interviewing for me. I know when they present a candidate for a project, that person is going to be legions smarter and better than me in every aspect of development, ops, and even customer relations. As we all know, surround yourself with people smarter than you.

Toptal is expensive, so until you get to that point, you’re really going to have to churn through a lot of candidates to find ones that truly have the skills, desire, and patience to work with you on your project. This is a topic I’ve worked on a lot, so if anyone has questions, reach out.

What's your advice for indie hackers who are just starting out?

I have some general some tips that I’ve written down that aren’t usually talked about.

If a potential customer is asking for a rebate from the start, or wants you to get in a price war with your competitors, politely tell them you are not the solution they are looking for long term.

If you’re offering a product or service that provides value for your customers, they should be asking about things like security, features, SLA’s, customer service obligations, etc. If price is their number one concern, they already can’t afford you, do not waste time with them, let them be somebody else’s customer. You need to exercise control over the customers you assemble that will consume your valuable time in the same way you choose your friends that you spend the rest of your time with each day. The first negative keyword in your Adwords should be the word “Free”.

Fire bad customers. Do not ever let customers abuse your staff, ever.

I realize if you have ten customers and two are treating you poorly (not paying, wanting refunds, forever complaining, asking you to code their solution for them, etc.), you’re never going to want to fire them, but you will wish you had in the future.

Give your staff full agency to fire customers that treat them poorly. If you see someone badgering a member of your team in email, step in and politely let the customer go. Offer to assist with migrating them to a different service, and then move them to your strongest competitor “for free”.

This is your business and your life, you wouldn’t associate with someone that treats your friends that way and you have every right to refuse service to anyone that thinks that because you’re a “business” they have the right to abuse you, your colleagues, or your name.

The funny thing is, when you fire bad customers, you never notice how beneficial it was because they no longer waste mental bandwidth. It’s only when you don’t fire customers that you realize how important it is to get rid of them fast the next time.

Richard Branson said, “I have always found it to be one of the more intriguing idiosyncrasies of the human condition that a problem that is handled quickly and effectively will almost always serve to generate more long-term customer loyalty than when the original series was delivered satisfactory.”

This could not be more true. We’ve had large customers lose access to their store for hours and be, let’s just say, justifiably upset with me. But I found that if I respond as fast as possible to any customer service ticket, even if it’s just a promise to work on it, it almost always makes up for whatever happened.

Remember, most mistakes are caused by flawed systems, not flawed people. We’re all in technology, and technology fails no matter how hard we try to make it bulletproof. What makes the difference is how quickly you respond and let your customer know that you are aware that there is an issue, that you are working on it, and you are there with them until this is resolved. Self published after action reports, no matter how thin, also help with generating customer long term loyalty.

Fire bad customers. Do not ever let customers abuse your staff, ever.


I read a lot. If I had to recommend one book that I hadn’t seen on IH before, I’d say “The Medici Effect”. It demonstrates how the act of switching between fields, disciplines, hobbies, or projects can be a effective way to gain unplanned and unique insights. It’s great for finding software business ideas from under-represented niches outside our software-focused world.

Where can we go to learn more?

I do triple-duty where I’m one third an owner/operator of various SaaS businesses like QuotaGuard, one third an operations manager for other owner’s software investments, and one third a buyer/seller of web properties to add to my own portfolio.

I’m a proud introvert, so Twitter and Facebook are not community spaces worth my time, but you can always reach me via email ([email protected]) or connect via LinkedIn. Especially if you want to talk one on one about what it’s like to work as an introvert in both the corporate and entrepreneurial sides of the software business.

Finally, if you have any questions for about this interview, please don’t hesitate to ask in the comments or email. It’s been great following Indie Hackers since Courtland started and it’s humbling to actually be featured on the site, so I would love to give back to anyone else that is struggling or has any software business building questions. Fire away!

Michael Frew , Owner / Not Founder of QuotaGuard

Want to build your own business like QuotaGuard?

You should join the Indie Hackers community! 🤗

We're a few thousand founders helping each other build profitable businesses and side projects. Come share what you're working on and get feedback from your peers.

Not ready to get started on your product yet? No problem. The community is a great place to meet people, learn, and get your feet wet. Feel free to just browse!

Courtland Allen , Indie Hackers founder

  1. 2

    The fragment about us devs don't act like real entrepreneurs is brilliant. I am guilty of that as well.

    Great interview 👏

  2. 1

    It always seemed to me that a person living in Nevada does not have a big need to invest)) There are a huge number of casinos. Why not think about a jackpot?)) I myself live far from your state and cannot visit casinos often. I have another alternative - Learning to gamble is my investment in my future retirement)

  3. 1

    Thank you for the interview! :)

    One of the things that I am curious about is how are things managed legally in case of products that allow arbitrary traffic through their servers? What happens if a customer uses your proxy to access illegal content, e.g. pirated movies or something.

    If anyone else knows more about such things, maybe they can also help me understand how VPNs handle these things legally? They obviously can't be legally responsible for the actions of their customers but then if the customers can be tracked, their whole product's purpose has been defeated.

    1. 1

      Really great question, thanks for asking it as it comes up every once in a while when people first hear of our service.

      Our terms and conditions of use explicitly forbid such behavior. Any customer found to be doing such activity would be suspended and reported to the appropriate authorities. If authorities requested information from us regarding such activity (or any illegal activity for that matter), they would very easily be able to ascertain the user's identity.

      But what if this fictional user doesn't care about the law or our T&C's?

      If stealing protected content was a users goal, a static IP is not a solution that enables that behavior to be successful. It would be like ordering illegal content in the mail and having it shipped to your "secret" PO Box, but the PO Box then has a forwarding address listed that is your own house. It provides zero protection and makes attribution incredibly easy.

      As you indicated, if someone is trying to access content they should not be accessing, they're going to try to use a VPN to hide their information. Setting up a static IP isn't of any benefit to that activity. Even with full encryption enabled, the endpoints would still be known, user information would be known, and the entire process would provide zero protection.

      As far as VPN's, I have no insight into how they handle these legal matters, unfortunately.

      1. 1

        Hey, thanks for taking the time to reply.

        To be legally compliant and make it clear that you do not encourage such behavior and are ready to help authorities if such things happen, declaring it in the terms and conditions is enough? Or do you need some sort of legal declaration with your local authority if you are operating a static IP as a service?

        1. 2

          Thanks for writing back!

          This may be a US-centric answer, but we (nor most other software businesses in the US, I believe) do not need "legal authority permission" to operate a business, much less something as routine as a static IP service.

          Static IP's are a security practice that is very common and utilized by probably every company that has an IT department with even a remote understanding of baseline security.

          Companies operate or subscribe to server resources, proxy servers, firewall software, DMZ services, static and dynamic IP services, etc. all the time. We're just one layer in the onion of good security practices for businesses of any size.

  4. 1

    I'm surprised I don't see any Google Cloud offering. Is there a reason for this?

    1. 1

      Actually, we're working on adding GCP as a natively supported platform as we speak (errr, as we...write?).

      We have a few customers using QG from GCP already, but we want to make it more of a native integration so it makes billing and support easier for the user. Less friction for customer(s) is the goal, of course.

      At the moment, we are working on on-boarding to a few different marketplaces, mainly, GCP and AWS. I'd love to have that done within the next 6 months.

      Most of the time, users on those platforms sign up directly, but it would be better to be natively hooked in, just to get our name out there, and possibly highlight ourselves to new customers that didn't know about us in the first place.

      I'll update my QG product thread as we get those marketplaces online to pass along "lessons learned" and any tidbits we see that might help anyone else that wants to get listed on those marketplaces too.

      1. 1

        I just wanted to come back to this question and let you know that we're on AWS now, Azure from before (had to get listed two separate times), and working on GCP next. Thanks for the motivation!

      2. 1

        Awesome business. All the best!

        1. 1


  5. 1

    I actually used QuotaGuard for a contract project I helped work on and I'm surprised to hear it's actually an indie project because my conversations with support made it feel like I was talking to a much bigger company. Support was really professional, knowledgeable, and helpful. Great work Michael.

    1. 1

      That’s great to hear and I’m really pleased to read you remember our support.

      It’s so important to just make sure we are always there to answer questions. It’s one of my biggest focus points, regardless of how it can affect our day to day plans. If you write in, the team is gonna jump on it.

      Easily one of the biggest lessons I’ve learned with QG, for sure. I hope I can pass it along as a “must do” for each IH project. It’s just not something to outsource, until it absolutely becomes all consuming. Thankfully, we are not there yet.