In my experience, one particular conversation seems to recur frequently: discussions around whether customers value certain technical practices, such as automated testing, sensible logging, or keeping dependencies updated. It’s not uncommon to hear arguments that these practices are unnecessary because “the customer doesn’t care about that.” This perspective can be harmful, as it dismisses the intrinsic value of good engineering.
An Illustrative Experience
I recall a trip from Vancouver Island to the mainland in late 2022 involving a two-hour ferry crossing of the Strait of Georgia. Midway, the ferry unexpectedly stopped, leaving passengers stranded for over an hour. This incident underscored a critical point: maintenance matters, even if not everyone understands its specifics. Suggesting that passengers, like customers in other contexts, are indifferent to such operational details is misleading. They may not know the technicalities, but they definitely care about the outcomes—safety and reliability.
Engineering and Customer Expectations
I once interviewed at a company—let’s call it Initech—that had severely outdated software practices. They were using an unsupported version of a software framework and had ceased updating their database to avoid dealing with breaking changes. Instead, they employed engineers to backport fixes for free, open-source software. Let me say that again – they had dedicated engineering teams whose job it was to rewrite open-source software, just to avoid updating.
This not only wasted resources but also highlighted a significant misalignment in their priorities. They believed that “the customer doesn’t care about that,” yet this mindset likely hindered their ability to deliver improvements and maintain security.
The Importance of SOC2 Compliance
SOC2 compliance is another area where the value is often underestimated. This set of criteria ensures that a company handles customer data securely and respects privacy. Compliance is not merely a bureaucratic exercise; it involves implementing comprehensive security measures that have a direct impact on customer trust and satisfaction. Companies that adhere to these standards show their commitment to quality and integrity, benefiting both the business and its customers.
Even if SOC2 compliance isn’t on your roadmap, it’s extremely painful to be stuck in a situation where you’re running critical security vulnerabilities in your underlying software because you’ve neglected updates. It doesn’t matter if you’re running PHP, Python, Java, Ruby, or Node – your underlying systems can and will expose you if you aren’t regularly updating. It’s exactly why we have a continuous, ongoing project to update our core systems. Since there’s always something that needs updating, this project does not end. As a nice side benefit, it gives us fun new toys to play with.
It isn’t your customers’ job to make sure you’re doing yours
The belief that customers are indifferent to the technical underpinnings of the products they use is a dangerous misconception. Just as passengers on a ferry depend on its proper maintenance, customers rely on businesses to protect their data and provide reliable services. Ignoring this responsibility by justifying poor practices with customer indifference not only undermines trust but also invites failure. It isn’t your customers’ job to babysit you.
Ultimately, it is essential for professionals in any field to recognize that dismissing customer interest in quality and security as irrelevant can lead to significant consequences. Recognizing the signs of potential issues, much like heeding a ‘check engine’ light, is critical. It’s crucial to adhere to good engineering practices not just for compliance or appearances, but because they are foundational to long-term success and customer satisfaction.
