BURLINGTON, Mass.—A group of CIOs said they started using open-source software primarily because of cost reasons, but then stuck with it because of the quality and reliability of the code.
At a Feb. 11 panel on the CIO perspective at a Massachusetts Institute of Technology Forum of Cambridge event on open source, a group of CIOs shared their views on open-source software, and all said they had favorable experiences and will continue to look for IT advantages through open-source software.
However, one area the CIOs said they still see risk in trusting their core investments to open source is in the database.
“Its too dangerous for us; we have nine million users and theyre banging at our databases all day long, and its just not worth it for us to move off of Oracle and DB2,” said Barry Strasnick, CIO of CitiStreet Online, a financial services provider that is jointly owned by State Street Bank and Citicorp.
“It is just too risky for us” to trust that to open source, he said.
However, Strasnick added, “I would pay $100,000 a year for a good open-source sort product,” Strasnick said.
Likewise, Joseph Kennedy, vice president, Technology Architecture and Strategy Services, State Street Wealth Manager Services, said: “One of the areas we dont enter into the open-source world is the database.”
However, Kennedy said, “The reason we started with open source was a cost decision … Cost was my original reason. It allowed me to do a lot of things I wanted to do. And we realized we werent dealing with software that wasnt going to work. We found it was high quality and higher quality than other software. It was one of the best decisions I couldve made.”
Thomas Reynolds, senior executive director, Information Systems and Technologies, Idenix Pharmaceuticals, said that while his company does not use a lot of open-source software, what they use is not simply because of cost, but also because of quality.
“Its higher quality, more consistent and has a strong community,” he said.
In addition, Strasnick said “open-source software tends to keep up on releases better than some proprietary software.”
Moreover, “We spend as little as we can wherever we can,” Strasnick said. “One of our to-dos is reducing the cost of our hardware and software maintenance. The main reason were moving to Linux is the hardware vendors charge too much for maintenance on non-Intel CPUs.”
Reynolds said Idenix is in a period of rapid growth, having recently completed building out its infrastructure to move the company into this phase. “So the shift has been from pure infrastructure to keeping software costs low.
State Streets Kennedy said because of his open-source moves and purchases, his superiors “dont scrutinize me as much,” regarding IT expenditures.
Claudia Boldman, director of policy and architecture in the information technology division of the Commonwealth of Massachusetts, said that in a state where there has “been a matter of declining budgets” she has to look at “how do we maintain the effort with less money.”
Community Matters
Boldman said her division approaches open source from three primary directions.
First, “were responsible for running the states data center,” she said. And she had to come to grips with the fact that 60 percent of Web applications run on Apache, “so why is it in the private sector and not in the state architecture, she said.
Secondly, “Were moving toward a service-oriented architecture and were looking at open standards, not so much open source,” Boldman said. Among the reasons for moving to a SOA is “to achieve reuse,” she said.
And the third reason the state is looking at open source is the aspect of a community, or developing and supporting software through a community model.
Boldman said governments have the concept of “open code.” She defined open code as “code that governments paid for and own and can share with other governments, both state and local. We had companies coming to us selling the same software across 50 states. Thats not good use of taxpayers money.”
Meanwhile, Strasnick said his technical staff likes dealing with open-source companies because they like “to deal with software firms run by technical people and they can deal with technical people as opposed to marketing people.”
Reynolds said he considers himself a “very conservative” IT executive, in particular because the regulation of the Food and Drug Administration is strict.
“The only open source we use is the Linux operating system, and we buy the packaged version from Red Hat,” he said.
“We need that one throat to choke,” he said. “And having that as a foundation makes it easier for me to meet the validation requirements” placed on his company by the FDA.
Kennedy said State Street has been using open-source software in its IT environment for five years, including JBoss, PHP and Linux, as well as corporate standard infrastructure from Oracle, IBM and others.
Moreover, as the use of open-source software has increased, so has the need for more IT governance, the panelists said.
“Im sort of a benevolent dictator,” Strasnick said. “We have 400 developers across the world and any one of them can suggest a tool, but we have a team, and me, to decide whether we use it or not.”
Boldman said most of the states development “is through third parties. But as we do more and more of our own development, we know we need to do more governance.”
Other issues facing IT organizations around open source include software-as-a-service and security.
“We dont trust software-as-a-service,” Strasnick said. “We would never utilize software-as-a-service running on someone elses infrastructure.”
Regarding security, Kennedy said, “I dont trust my vendors any more than I trust open source, but I think we have more control [over open source software] because the code is open.”
Strasnick explained his view: “Theres been discussion that maybe people are putting back doors in open-source software. Realistically, I dont trust proprietary software any better.”