How to Bring Open-Source Software into the Enterprise
Open-source software has gained growing acceptance in the enterprise. Once enterprises put in place the same governance, policy and support processes around open-source software as they do with proprietary software, there is no limit to how much open-source software they can bring into their organization. Here, Knowledge Center contributor Carol J. Rizzo offers five tips on how to bring open-source software into your organization in a way that maps to your corporate risk factors, making open-source software no more or less of a risk than proprietary software.
Over the past decade, I've served as CTO of three different Fortune 500 companies. In each of those companies, one of my primary responsibilities was to mitigate risks associated with technology. During the same period, open-source software has gained growing acceptance in the enterprise. Properly sourced, open-source software can bring so much to the table: lower-cost solutions, high-quality software and all the other benefits that come from active and altruistic developer and user communities.
However, there is a long-established, risk-averse mindset within many large companies. Companies have established software procurement practices that depend upon an interaction and relationship with a vendor. This has slowed the adoption of open-source software, which, like commercial software, still has to be adopted under certain guidelines.
A few short years ago, I worked with a company that had a "no open source" usage policy. Fast forward to today, where average Fortune 500 companies are using more than 100 open-source projects each. Some companies are more conservative than others, but I still see four basic phases of open-source adoption in corporate America:
Phase No. 1: No awareness
There aren't many of these companies left, and when you do find them, they tend to be smaller organizations. They don't yet know what open-source software is used in their organization and they certainly haven't developed any policies regarding it.
Phase No. 2: Denial and prevention
These companies often are risk-averse. They have yet to try to understand how open source works or do a risk-benefit analysis. They realize that open-source software could contain risks, so they ban it outright or put huge barriers in the way of developers who want to use open source.
Phase No. 3: Limited, safe usage
This is probably where most companies are today in the adoption of open source. Enterprises start by getting Linux from a large, trusted source such as IBM or another enterprise vendor. The vendor provides key services including indemnification and support.
Phase No. 4: Smart governance
The optimal phase of open-source adoption is where enterprises use open-source software in accordance with policies and architecture blueprints. In this phase, companies realize that they need to put the same processes and controls in place for open-source software as they have for proprietary software. These controls enable companies to gain the benefits of open source while mitigating risks.
As companies move toward "smart governance" of open source, they will need to address several gaps that exist between open-source software and the proprietary software they are used to. Luckily, there is now a wide variety of vendors that wrap open-source software with a set of offerings that help enterprises close these gaps.