Why a separate stack
Korean public, finance, and healthcare sectors require (1) in-country data storage, (2) network isolation, (3) electronic approval + record obligations, (4) security audits (CSAP, ISMS). Global startup stacks don't fit as-is.
Core
**Collab/docs**: Dooray! on-prem or Naver Works **Messenger**: JANDI on-prem or Dooray Messenger **Electronic approval**: Dooray Approval or specialized solutions like Kisan/Bizflow **CRM**: Dabinci CRM or Douzone NeoSales (domestic servers) **Accounting/ERP**: Douzone Smart A, eCount ERP **HR**: Flex (domestic region) or Douzone ERP HR module **Security**: V3, AhnLab EDR, CSAP-certified national vendors **Automation**: self-hosted n8n (domestic server) **AI**: Upstage Solar (Korean LLM) + Claude Enterprise (consider on-prem integration)
Security/compliance essentials
- Prefer CSAP or K-ISMS-certified SaaS
- Encrypted 주민등록번호 storage
- Network-isolated environment support
- Audit logs mandatory
Monthly cost
- Dooray on-prem (license-dependent)
- Dabinci / Douzone ERP: based on headcount/revenue
- CSAP vendor licenses
2–3x more than global stack, but opens new revenue streams.
Pitfalls
- Proposing only global SaaS: fails security review
- Attempting public-sector delivery without CSAP: disqualified
- Cloud proposal without network-isolation consideration: held by enterprise/public
If targeting public/finance, design your stack around "domestic + on-prem" from day one.