Notes On Improving Open Source’s Image


“Open source” and “doom and gloom” often go hand in hand.

True, open source has its proponents — some of whom are so devoted to the notion of transparent software that they show, at times, the fervor of certain evangelists. But many CIOs and CTOs, not to mention CFOs and CEOs who are risk-averse by training, worry about open source in the enterprise. They question its place and even its value: Can we trust it? Is it safe for mission-critical applications? Is it as good as commercial stuff?

The answer, of course, is yes (if a qualified yes). As with commercial software, open source runs the gamut from poorly designed and poorly written code to airtight, nearly bulletproof products that rarely fail. And the market appears to agree. Apache, the world’s best-known open-source Web server, dominates its field — no commercial server can even approach its penetration levels, nor does the horizon show any contenders. MySQL has long eaten away at Microsoft and Oracle, the same way JBoss has cut into IBM’s WebSphere. Let’s not forget that Perl is an open-source project too, and it’s used on millions of Web sites, large and small. If nothing else, the now-pervasive presence of open source is tacit evidence that its image is improving.

So are the actions of the world’s largest software makers. Recently, SAP bought Socialtext, IBM bought Gluecode and Oracle bought Sleepycat. The former are brand name (and world-class) software firms and true juggernauts. The latter are small, largely unknown open source start-ups. The point? When Goliath takes more than a passing interest in David, you know there’s power in his slingshot, no matter how small it is.

Marquee research groups also have noted the rise of open source. In July, Bob Igou, an analyst at Gartner, the world’s largest IT research firm, wrote that open source is “now on equal terms with application service provider/hosted software and is displacing a slight but consistent segment of the proprietary/commercial software market.”

“Slight but consistent” equals “slow but sure.” Open source, if only by inches, is making a home for itself in a most trying terrain: the enterprise IT market.

Problems or Bogeymen?

So what’s the beef? For most open source doubters, it starts with support. Commercial vendors offer well-designed, always-on support for a price — if a hefty one. Most think open source offers lengthy guides and user forums but little in the way of live help. Yet a growing number of “commercial open source” products — that is, products built on open-source code but further modified and sold, not merely shared — offer support that rivals the big boys. Take SugarCRM, which has the forums, wikis and other support options you’d expect, but it also offers training and tiered paid support. Their premium plan is always on, by e-mail or phone, with account managers and quarterly account reviews, two aspects you’ll find in large-scale commercial programs.

Hand in hand with support worries, some managers question the stability of open source, especially those managers who’ve never used it. They note that most open-source products have no trained, full-time quality assurance (QA) teams to test them. But those very same products have enormous user groups who test them daily, with better results, perhaps, than corporate QA. (User groups might lack QA teams’ strict methodologies, but real-world testing is better than any lab review, hands down.)

What’s more, users who test the software can and do write patches and extend the products’ feature set. Indeed, the open-source model is based on the notion that users can improve it, making product improvement an ingrained part of the open-source culture. Can this always be said of for-profit firms where a sales focus trumps a concern for quality?

And if those arguments fail to win over the doubting CIO, companies such as SpikeSource might. It’s a novel breed of IT service: an open source testing and validation firm. Even SourceForge offers a testing service designed to help you select your open source download and minimize the disruptions it might cause.

But of all the objections to open source, legal issues — license, copyright and disclosure among them — are the hardest to handle. An open-source license is a tricky thing, and if you download, modify and deploy open-source code, you might be legally bound to share your work with the world. That not only compels you to share your work with competitors, but it can open (at least in theory) security holes in your network because the nature of the changes you make could disclose the nature of the systems you use.

The antidote? Kick off open-source projects with a thorough review by the legal team. Have it vet every aspect of the license and how it affects your planned use of the software. Make sure the team talks to (and understands) your project managers, designers and programmers. You’d follow the same process for commercial software on which you spend millions — why not do it for software that can save you millions?

And it can. Saving money is one of the best parts of open source, a point that’s likely to win over even the most leery executive. Avoiding vendor lock-in and drawing on a vastly greater (and always growing) feature set is nice too. In the end, those benefits outweigh the risks for most firms, meaning that open source, long the black sheep of enterprise software, is becoming a full part of the flock.

David Garrett is a Web designer and former IT director, as well as the author of “Herding Chickens: Innovative Techniques in Project Management.” He can be reached at
