NEWSLETTERS
 

CIO.com updates, insights and advice on technology, management and your career.

 CIO Blogs and Discussion
 CIO Web 2.0
 CIO Leader
 CIO Enterprise
 CIO Insider
More Newsletters | Edit Profile
 
RSS Feeds »
 
 
SUBSCRIBE TO CIO
 
Are you involved in setting the direction for your company's IT budget or strategy?

Apply today for a FREE subscription to CIO Magazine!

Subscription Services »
Reprints »

 


Thu, May 1, 2008 19:02 EDT

The Challenge Open Source Presents to CIOs, Part II: The Solution

Posted by: Bernard Golden in Best Practices

Topic: Enterprise Management

Blog: The Open Source

Current Rating: 5 Comments: 3

“The important thing is to plan a strategy, to set guidelines on where and when open source products are to be used. IT shops are scrambling to set open source policies, but almost no one has implemented one with any teeth.”--Mark Driver, Gartner Group

In last week's posting, I discussed the challenge open source presents to CIOs. In it, I analyzed an interaction between Sun CEO Jonathan Schwartz and an unnamed CIO, who professed that no open source was used in her organization and then was surprised when Schwartz noted that 1300 downloads of MySQL had gone into the organization in the previous six months.

I went on to describe the risks this kind of invisible open source use presents. The most obvious -- and the one usually focused on -- is the legal risk: if you don't know you're using open source, how do you know whether you're complying with its license obligations? However, as I said, this is actually a smaller risk compared to the operational risk of having unknown software components inside the company's infrastructure: how do you offer SLAs, ensure proper support coverage, and develop appropriate employee skills when you don't even know what you're running?

I often hear from people that they don't understand why open source should be handled any differently than any other IP. Put another way, this question might be phrased, what about open source causes it to be different than proprietary software? After all, both proprietary and open source software are both copyrighted intellectual property distributed under a license, so they must be the same, right?

The reason open source requires implementing a new set of processes reflects the fact that existing processes are configured around the practices and assumptions of proprietary software, which are not present due to the unique licensing and availability of open source.

Consider the usual flow of obtaining proprietary software:

  • Software engineer recognizes need for new software component
  • Software engineer consults with manager
  • Manager builds business case
  • Manager consults with finance, legal, and procurement
  • Manager obtains budget
  • Procurement creates RFP
  • Company obtains software
  • Engineer implements solution

As you can see, there are many steps and many organizations involved in this process. While the process can require an extended period to execute, it provides the opportunity for the entire organization to become aware that new software is going to enter the company's infrastructure. In other words, this process ensures no surprises, because all affected parties are involved.

By contrast, consider the usual flow of obtaining open source software:

  • Software engineer recognizes need for new software component
  • Engineer downloads open source component
  • Engineer implements solution

The ease of downloading open source addresses one of the major complaints about IT: everything takes too long. Using open source enables IT organizations to be far more nimble and creative. Unfortunately, if you compare this process with the proprietary-focused process, you can see what it lacks: the opportunity for other important groups to become aware that this new software is going to enter the company's infrastructure. That is to say, open source decisions never enter the established process because no permission, and, crucially, no budget is required to obtain it. Since the established processes are typically triggered by the budget process, open source use is essentially invisible to the organization.

Clearly, as the quote from Gartner VP Mark Driver indicates, IT organizations have to put policies in place to

Keywords:

gartner, Open Source

You do not have flash or javascript support.
Average (1 vote)
5
comment icon Reply
 
All Comments Comments
 
Mon, May 5, 2008 12:48 EDT
I don't see the difference
Anonymous user
Posted by: Mike3s
Rating:

You imply that organizations have their act together on non-open source software licensing, but maybe that is not the case either. How many developer licenses are in use in non-developer groups? How many license keys are copied to more than one internal server? How many license violations are taking place within the organization?

This is the same problem IT has faced since the 80's - if the company doesn't purchase an unlimited enterprise license, then you have to manage how all software is installed and deployed.

You do not have flash or javascript support.
 
Wed, May 7, 2008 13:05 EDT
Proprietary Software License Tracking
Anonymous user
Posted by: Original author
Rating:

Dear Mike3s:

You're absolutely right that tracking proprietary licenses is important and often mishandled, meaning that processes regarding proprietary licenses are important as well. A key difference is that someone, somewhere, will have purchased a proprietary license; the organization has a record somewhere that it owns a license, it just isn't tracking use correctly.

By contrast, open source can be downloaded without anyone other than the downloading employee being aware of the fact, which makes it impossible for someone charged with tracking license use to even be aware of it.

I guess what I'd say is that it's critical for IT orgs to have good processes to track proprietary license use and it's also critical for those processes to be examined and modified to ensure that open source use is tracked as well. That's the theme of the whitepaper I created and mentioned in the original posting.

You do not have flash or javascript support.
 
Sat, May 31, 2008 18:47 EDT
Its all about discipline
Anonymous user
Posted by: mike_n_buck
Rating:

I'm not sure that this applies to all IT departments. Indeed, if opensource is procured in the way described in the article then I would suggest that this highlights a discipline problem in the IT department. The implementation of new software should follow a disciplined process that finds the most appropriate tool to deliver business value - it shouldn't matter if this tool is open source, a package or an inhouse development. In each case the same policy should be followed that ensures that value is maximised and risk in minimised.

An organisation should look to bolstering this policy with strict installation guidelines, security reviews and automated software license audit tools. In this way, risk is minimised and innovation can be allowed to flourish

You do not have flash or javascript support.
About this Blog

News, views and updates from the fast-growing world of enterprise open source software.

Start a Conversation
Click to post

Got something to say? We want to hear it! Click the Post button to get started. GO»

EXPERT ADVICE
See our roster of experts.

Advice & Opinion from more than 108 of IT's most insightful thinkers.

  PARTNERS       WEBCASTS    
 

Preparing for the Next Cyber Attack

Ensure you are up-to-speed on the latest security technologies available to keep your network safe in this Executive Guide. Get a thorough assessment of the corporate security threat landscape. Protect your network with data leakage protection, NAC and other technologies explained in this report.

Sponsored by Qwest  Read this Executive Guide »

 

Cloud Building: 8 Ingredients for Internal Clouds

Cloud computing: a fundamentally new way to deploy IT services and functions cost-effectively and quickly. Learn how the VMware vCloud initiative dramatically improves how consumers access their information and experience applications as well as the 8 ingredients to get you going.

Sponsored by VMWare  Read this White Paper »

 

Investing in Business Analytics Technology

You're thinking now is the time to take the plunge into business analytics, but you still have some unanswered questions. This research summary addresses the most common questions and concerns surrounding the successful launch of a business analytics initiative. It also includes real-world examples of organizations already getting return on their investment.

Sponsored by SAS  Read this White Paper »

More Partners »
Resource Alerts

Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.

More Podcasts »
Resource Alerts

Get instant email notification when white papers, webcasts, and case studies are added to our library. Don't just be up-to-date—be up to the minute with our new Resource Alerts.

Improving Transparency and Accuracy in IT Cross Charging

During this Webcast you'll learn how KBC Group implemented SAP BusinessObjects Profitability and Cost Management and realized many benefits.   View Now »

 

Cost Savings and Risk Reduction with Effective Systems Management

Join us and see how Novell can help you respond to today's economic challenges by increasing productivity, reducing costs and aligning IT initiatives with overall business goals.  View Now »

 

Capitalize on Your SAP Content

Learn ways to improve your content management by viewing these Open Text webinars today.  View Now »

More Webcasts »
Resource Alerts

Get instant email notification when white papers, webcasts, and case studies are added to our library. Don't just be up-to-date—be up to the minute with our new Resource Alerts.

 
NEWSLETTER

Sign-up for the Blogs & Discussion Newsletter

 
FEATURED SPONSORS
 
 
 
SPONSORED LINKS
 

Introducing the new HP ProLiant G6 server family

Accenture: Outsourcing for Competitive Advantage. More...

Better spam protection with Postini for just $1/user/mo

Introducing the new HP ProLiant G6 server family

infoBOOM! - The Mid-Sized Company CIO's Exclusive Community

Accenture IT Consulting: Logical meets technological. More . . .

The Fraudster Economy Model: Operating a Business in the Underground

Trade in your old laser printer and get up to $1000 back!

Taking the Service Desk to the Next Level

Revolutionizing Enterprise Application Deployment

Why Data Loss is Increasing--and What You Can Do About It

Data Loss Prevention: A Better Way to Approach Security

Learn how to managing client systems in the enterprise.

Build a High-Performance Open Web Platform

Mid-Sized Company CIO Community: infoBOOM!

Enterprise PBX Comparison Guide

Getting Value from Outdated Networking Equipment

Losing Ground: 2009 TMT Global Security Survey

Stop Application Fraud at the Source with Device Reputation

Learn about the VMware vSphere (TM) & Intel (R) Xeon (R) Processor 5500 Series

Learn how a virtualized enterprise can help your company reduce costs

Why Isn't Server Virtualization Saving Us More?

Learn how to save 30% through project & portfolio management.

How Open Source is Changing the Face of Enterprise Software

8 Key Ingredients to Building an Internal Cloud

Accenture IT Consulting: Enabling high performance. More...

Top Five CIO Challenges

Insight makes it easy to spend your Microsoft subsidy check.

Five minute business analytics assessment. Immediate results.

Dangerous Collaboration Practices: 5 Ways IT Can Minimize Risk

Accenture: Outsourcing for uncertain times. Click to learn more.

The Case for Investing in Business Analytics Technology. Read white paper.

Live Webinar: Applying Business Analytics. Click here to learn more

Seven Ways ITIL Can Help You in an Economic Downturn

Developing A Dynamic, Real-Time IT Infrastructure

Maximizing the Business Value of the PC Infrastructure

Communications and Collaboration Needs at Business Organizations

Using Open Source to Deploy Web Applications

Cloud Computing: Read about VMware's compelling vision & set of products

Enterprise PBX Buyer's Guide

Secondary Market Primer: Your Network at Half Price

How Interactive Viewer Reduces the Effort to Meet Visualization Requirements

Top-line Performance that's Bottom-line Efficient

White Paper: 8 Key Ingredients to Building an Internal Cloud

Read about virtualization and consolidation effort best practices

Building the Virtualized Enterprise with VMware Infrastructure

The Global Marketplace Today: Strategies for Tough Times

Top 10 Business and IT Drivers for the Wealth Management Sector

5 Steps to Automating Accounts Payable

Bottom-Line Benefits of Virtualization