Closing Open-Source Gaps by Developing a Policy
Open-source software is becoming ubiquitous, but companies need to be aware that its use must be carefully managed. Problems can arise because many open-source licenses require that users who incorporate open-source code in their software must make their code available for free (at reproduction cost), permit modifications of the software and permit redistribution without charging a fee.
These obligations could dramatically decrease the value of commercial software that incorporates open source. And the scope of these obligations is unclear. For example, basic license terms in the General Public License (GPL), the most commonly used open-source license, such as derivative work and collective work, are not well defined for software. Another major concern is that the GPL terminates immediately upon any breach of its terms rather than the more common contract approach of providing a period to solve any such breach.
Failure to address these issues can be expensive. A company that uses software without a license is in violation of copyright law and could be liable for significant damages. Similarly, automatic termination means that a company that incorporates open-source software in a consumer product risks millions of dollars in damages if it makes an error in incorporating open-source software.
The use of open-source software is further complicated because the Open Source Initiative has approved over 50 licenses as meeting the Open Source Definition. Many of these licenses are not compatible. For example, a software module licensed under GPL can't be distributed with modules licensed under the Mozilla Public License.
Despite these uncertainties, Fortune 500 companies such as IBM, Google Inc., Wells Fargo & Co., DaimlerChrysler AG and ETrade Financial Corp. use open-source software. Major companies such as IBM, Oracle Corp., Sun Microsystems Inc., Sony Corp. and Hewlett-Packard Co. have incorporated open-source software in their products, and some companies have shifted from a commercial to an open-source model for major products, such as Sun for its Solaris operating system and CA Inc. for it Postgres database software. Even the U.S. Department of Defense, in a recent strategic report on its IT needs, advocated the use of open-source software. However, the uncontrolled use of open-source software can lead to serious problems. Consider that IBM reduced the purchase price for Think Dynamics Inc. by 30% due to uncertainties arising from the use of open source.
Given these uncertainties, software developers and users need to manage the use of open-source software. It is no longer possible to simply prohibit its use. Rather, companies should avoid these problems by adopting an open-source use policy, which should address the following issues:
- Use of open-source components in products for third parties.
- Use of open source for internal purposes.
- Approved usage models.
- Implementation of policy by industry experts or outsourced teams.
- Permitted/forbidden open-source licenses.
- Rules for contribution by employees to open-source projects.
- Use of commercial products (Black Duck/Palmida) to audit use of open-source code.
- Study: Total Economic Impact of Google Apps Employees can work faster and IT spending can decrease when companies switch to Google Apps, says a commissioned study by Forrester Consulting. Going...
- Protecting Digitalized Assets in Healthcare Healthcare providers face an urgent, internal battle every day: security and compliance versus productivity and service. For most healthcare organizations, the fight is...
- Is a SaaS Deployment Right for You? Find out the answer and as well as the other deployment options.
- Discover How Mail Express Solves 2 of Your Biggest IT Headaches Email. It can be the source of some of IT's biggest headaches. As it eats up storage and bandwidth, it also opens up...
- Increasing the Value of Your Reports and Dashboards Learn how incorporating other analytical capabilities such as predictive modeling and visualization can increase the value of your reports and dashboards by providing...
- Video surveillance for IT: maximum image quality, minimum bandwidth Join us on Thursday, May 8th at 1 p.m. EST when Willem Ryan, Senior Product Marketing Manager at Avigilon, will discuss how IT... All Management White Papers | Webcasts