Open Source: Great Power Comes With Great Responsibility

The recently completed Future of Open Source survey by North Bridge and Black Duck continues to highlight the incredible strength of open source software and its inherent risks. After completing the survey earlier this year, I was waiting with much anticipation for the results. It is one of several industry markers that provides me with interesting insights. This year’s results continue to show that the trends in open source for enterprises are its power and ubiquity, and the responsibilities that come with its usage.

Great Power

In the recent Future of Open Source survey, 90% of respondents said that open source software improves:

• Efficiency
• Interoperability
• Innovation

The survey results reflect the pervasive support of open source by companies and developers today. And that support is there for a good reason. If you want the most powerful software to drive your business needs forwards, open source is likely where you will end up no matter what you’re trying to accomplish.

The best software tools, languages, and products are found in the open source world. The superior interoperability (compared to proprietary software) along with faster time to market and large choice of projects makes open source the only game in town.

One of the key advantages is that open source evolves more quickly than most proprietary software products. In the end, open source is vendor agnostic.

It is clear that open source adoption accelerates time to market. The entire startup ecosystem is dependent upon open source where time to market is crucial. In addition, some of the best engineering teams in the world are releasing their innovations into open source, for examples look into Facebook, Twitter, Google, and Netflix.

From the same Future of Open Source survey, open source “...continues to grow as a key hiring and retention tool in IT shops of enterprises, governments… Investing in the open source community spurs innovation, delivers exponential value and most of all, it’s fun.” If you want to attract and keep the best talent for your engineering team, you have to provide them with the best tools available. The best software attracts and keeps the best talent. Assuming you do the basics to have happy employees, they will want to work on technologies they view as interesting, that is fun/quick to solve problems with, and good for their careers.

While all of these aspects of open source are fantastic, like any great investment it comes with great responsibilities.

Great Responsibility

The use of open source software in your corporate projects is almost a foregone conclusion. However, how you handle that great power is not as trivial. From the same survey, nearly half of those responding report they have no formal processes to track their open source usage in their company or products, and that no one has responsibility for identifying known vulnerabilities and tracking remediation.

Open source software is powerful, but it also means you have to plan to mitigate the risks of its use internally in your organization. Like any software project, a considerable amount of the total cost of ownership is the maintenance going forward and with open source you are subject to the whims of the community for updates and support. Someone needs to keep up with what is happening on key projects you are dependent upon or you risk having an unsupported block of functionality that is no longer on anyone’s radar.

With great power also comes great responsibility. Make sure you understand how you are going to support the key technologies that your developers are choosing. Find out if there are licensing restrictions or grey areas that may result in IP infringement or patent risks in the future. Open source security and management practices have not kept pace with this rapid adoption and they fall on the user to make sure they are responsible to know what’s going on. However, this can become the company's problem.

The bottom line is going forwards have a plan to ensure those open source investments you are making now are not heavy burdens in the future.