Key Customer Questions That Highlight the Need for Better AI Usage, Data, and Security Answers

·Mar 16, 2026 08:04 PM·

Hey Founders building AI features, what was the first question from a customer or partner that made you realize you needed better answers around AI usage, data, or security?

11 comments

· Sorted by Oldest

Gururaj P.
·
·
From simple to difficult questions
How many times our APIs were called due to the exposed MCP server.
How many agent invocations happened?
Token consumed per account (many users from the account)
Margin per account (MRR-$ tokens consumed - $cogs)
🙌1
Jaron S.
·
·
Great question. I see this topic being more and more important in the coming months. Gururaj P. How do you go about measuring these things?
David G.
·
·
Jaron S. what are you seeing?
Jaron S.
·
·
David G. I see people not asking these questions and just implementing integrations through different apps, mcps and Claude code. People don't know the right questions to ask yet because it's all still so new
David G.
·
·
Feels like teams either go really deep on metrics like Gururaj mentioned, overthink AI vendor security, or they don’t ask much at all yet. Part of it might just be that the expectations aren’t that clear yet, so people don’t know what “good” looks like.
David G.
·
·
I think even the frameworks haven’t quite caught up yet either, so people are kind of guessing what matters.
Jaron S.
·
·
David G. It feels like businesses are like toddlers with different shaped blocks figuring out what processes AI fit into and how best to make it work for them. We are early days
David G.
·
·
Yes! So looks like there are 3 modes right now: Some teams go deep on metrics (calls, tokens, margins), some over-index on vendor/security concerns, and a lot don’t ask much at all yet. The tricky part is there’s no shared baseline for what “acceptable” AI usage actually looks like yet, so teams are either guessing or reacting once someone asks. Curious what people think the first thing a team should be able to clearly explain about their AI usage is?
Jaron S.
·
·
David G. I think Whatever makes you EU and GDPR compliant. EU has tightest rules and regulations and if you are selling to EU you need to be able to explain how you are using their data and do so in accordance with the laws there
David G.
·
·
Yes! Being able to clearly explain how you’re using customer data is the first real bar, especially with EU customers. Most teams I talk to can’t really do that cleanly yet.
2
David G.
·
·
Most teams I talk to can explain it at a high level, but it falls apart when you go one level deeper. Curious what people are actually showing when they get pushed on it?

Gururaj P.
·
·
From simple to difficult questions
How many times our APIs were called due to the exposed MCP server.
How many agent invocations happened?
Token consumed per account (many users from the account)
Margin per account (MRR-$ tokens consumed - $cogs)
🙌1
Jaron S.
·
·
Great question. I see this topic being more and more important in the coming months. Gururaj P. How do you go about measuring these things?
David G.
·
·
Jaron S. what are you seeing?
Jaron S.
·
·
David G. I see people not asking these questions and just implementing integrations through different apps, mcps and Claude code. People don't know the right questions to ask yet because it's all still so new
David G.
·
·
Feels like teams either go really deep on metrics like Gururaj mentioned, overthink AI vendor security, or they don’t ask much at all yet. Part of it might just be that the expectations aren’t that clear yet, so people don’t know what “good” looks like.
David G.
·
·
I think even the frameworks haven’t quite caught up yet either, so people are kind of guessing what matters.
Jaron S.
·
·
David G. It feels like businesses are like toddlers with different shaped blocks figuring out what processes AI fit into and how best to make it work for them. We are early days
David G.
·
·
Yes! So looks like there are 3 modes right now: Some teams go deep on metrics (calls, tokens, margins), some over-index on vendor/security concerns, and a lot don’t ask much at all yet. The tricky part is there’s no shared baseline for what “acceptable” AI usage actually looks like yet, so teams are either guessing or reacting once someone asks. Curious what people think the first thing a team should be able to clearly explain about their AI usage is?
Jaron S.
·
·
David G. I think Whatever makes you EU and GDPR compliant. EU has tightest rules and regulations and if you are selling to EU you need to be able to explain how you are using their data and do so in accordance with the laws there
David G.
·
·
Yes! Being able to clearly explain how you’re using customer data is the first real bar, especially with EU customers. Most teams I talk to can’t really do that cleanly yet.
2
David G.
·
·
Most teams I talk to can explain it at a high level, but it falls apart when you go one level deeper. Curious what people are actually showing when they get pushed on it?