Micro Focus is now part of OpenText. Learn more >

You are here

You are here

How technical debt is hurting your software team—and your app sec

public://pictures/John-Mello-Journalist.png
John P. Mello Jr. Freelance writer
 

Technical debt can have a severe impact on the health of an organization—and affect the mental health of your developers. More than half of the 200+ engineering team members polled for Stepsize's 2021 State of Technical Debt Report believe technical debt negatively impacts their teams' morale.

Three out of five of the developers, engineering leads, and CTOs surveyed for the report attributed technical debt with creating software bugs, outages, and development slowdowns. The report noted:

"It’s no surprise that technical debt causes bugs, outages, quality issues and slows down the development process. But the impact of tech debt is far greater than that. Employee morale is one of the most difficult things to manage, especially now that companies are switching to long-term remote work solutions. The survey reveals that technical debt is actually a major driver of decreasing morale."

Developers often feel as if they are forced to prioritize new features over vital maintenance work that could improve their experience and velocity, and this is taking a significant toll, the authors added.

The state of application security in your organization may depend on staying out of technical debt. Here's what your software team needs to know about debt so that it can be avoided.

Stop chasing gremlins

Who creates technical debt can have a huge impact on morale, said Michael Del Castillo, solution director at Komprise, a data-management-as-a-service provider.

"If the team that was recommending an approach to prevent them from tons of rework later or ongoing maintenance is overruled by upper management, you can bet that every time the topic comes up in the future, there will be negativity that arises."
Michael Del Castillo

IT doesn't want to spend time maintaining legacy systems that don't work that well or fixing bugs in code, said Varma Kunaparaju, CEO of OpsRamp.

"IT doesn't want to see product release cycles be delayed or deal with dissatisfied customers. Yet technical debt creates these conditions that destroy morale and send IT workers looking for greener pastures."
Varma Kunaparaju

Workers can easily become discouraged when they're spending their time maintaining obsolete technology that isn't bolstering their skills, said Scott Buchholz, government and public services chief technology officer at Deloitte Consulting.

"The more technical debt that exists, the more workers are likely to find themselves in a never-ending spiral of reacting—fixing outages, incidents, and security issues—and chasing other gremlins that seem to routinely pop up."
Scott Buchholz

Technical debt can crop up anywhere

Technical debt can take a number of forms. It can be code written without annotations, making it difficult for anyone but the author to figure out how it works. It can be a list of known defects accumulated in an application without fixing them. It can also be outdated, unsupported, or deprecated technology kept around for the sake of efficiency or familiarity, or manual processes begging to be automated.

"In my college days, I worked for an organization where I just did manually intensive work," recalled Terry Simpson, senior solutions engineer at Nintex, a business processes services provider.

"I had to grind through it. It's not fun stuff to do, especially if it's a repetitive process. It gets mundane. It's error-prone. If you can make that more efficient, you can reallocate an employee's time to much more meaningful tasks. It can have a massive impact on employee morale."
Terry Simpson

That's especially true for younger workers, Simpson added. "They've grown up with the Internet, cellphones, and automation. If you put them into a setting where there isn't much technology and automation, it's disengaging to them. They're demanding there be more automation."

Get your technical debt under control

The Stepsize researchers also discovered that developers spend almost a day a week dealing with technical debt. On average, developers spend 33% of their time on overall maintenance and legacy systems. Half of that—about six hours a week—is spent on technical debt.

Three out of five engineering team members (60%) also said that much of the technical debt in their organizations was in back-end systems, mostly at web server endpoints. Other points where technical debt accumulates are browser apps and websites (40%) and infrastructure (32%).

More than half of the participants in the survey claim their companies do not deal well with technical debt. "Engineers are clearly convinced that technical debt is the primary reason for productivity losses. However, they seem to be struggling to make it a priority," the report noted.

Polina Efimova, an evangelist for Stepsize, said that technical debt creates a conflict between developers and managers who want to move fast and create new features because customers want them.

"The managers can't understand what's holding the developers back. Technical debt creates conflict and frustration. When you're frustrated, your team morale goes down."
Polina Efimova

Two-thirds of engineering team members (66%) believe they could ship their deliverables 100% faster if they could get technical debt under control, the report found.

Your application security may depend on debt-free

Peter Chestna, CISO for North America for Checkmarx, a global application security company, said it is best to make consistent payments on technical debt so that the cost in time is minimized.

"The longer you delay, the more urgent, costly, and risky it becomes."
Peter Chestna

He cited installation of software patches as an example of how technical debt can quickly get out of hand. Patches as they are released have low cost and complexity. If it breaks something, you just revert to a previous version of the software.

But if you delay, you could be looking at tens or hundreds of patches across multiple platforms all at once. If something breaks, then what? How much additional care and time is needed to test along the way?

Massive patching like that can also require a service outage, Chestna said. "That might mean night and weekend work. Better management decreases the demands that may need to be made on its staff."

"You don't eliminate technical debt; you manage it. An organization disciplined in this area will keep track of the debt as it accumulates and understand the rising costs involved as the debt ages. Then it must be decided how much budget to spend on debt reduction so that it won't be overwhelming in the future."
—Peter Chestna

Keep learning

Read more articles about: SecurityApplication Security