There are books/tomes written about each of those topics, more than can be written here, but the place to start is not to build at all, but instead find ways to talk to potential users and buyers and their specific pain points, use cases, and your proposed solutions/features/workflows. This can be turned into slide decks and Figma interface walkthroughs without writing any code. These can be used to line up interest, piloters, potential buyers.
This is a lot of work but it is the essential starting point in defining WHAT to build. It is a LOT less work and orders of magnitude less expensive than actually building, especially if you build the wrong thing.
SSO, security, data governance and compliance regimes are just "ilities"/HOW to build details that come later at actual system design time. If you understand what needs to be built, you can hire people who know how to build with those ilities.
This is a lot of work but it is the essential starting point in defining WHAT to build. It is a LOT less work and orders of magnitude less expensive than actually building, especially if you build the wrong thing.
SSO, security, data governance and compliance regimes are just "ilities"/HOW to build details that come later at actual system design time. If you understand what needs to be built, you can hire people who know how to build with those ilities.