Open Source Unchecked

As open-source use runs rampant, IT must get a grip on governance and figure out if it's really saving money.

In 2006, a branch of the U.S. Armed Services wanted to know just how prevalent open-source software had become in its IT ranks.

The IT staffers knew that Linux and a few other open-source infrastructure apps were being used in "a couple of divisions," but they wanted to get a full understanding of that usage and then estimate the ROI to determine whether open source should be rolled out to other divisions. Consultants from Olliance Group took a look at the service's operations and after three days came back with some shocking news: The military branch was already using Linux and other open-source applications in 75% of its divisions, and in half of those, open-source use had already reached mission-critical status.

Though the open-source train had left the station without IT management onboard, the consulting firm was able to determine that the various divisions using open source were seeing an ROI of 300% to 700%. But the military branch still had no governance plan over the use of open-source technology. Needless to say, "they have one now," says Andrew Aitken, a senior vice president at Palo Alto, Calif.-based Olliance, which was acquired by Black Duck Software in 2010.

It's happening in the commercial world, too, he says. With the proliferation of open-source applications, and with vendors moving from licensed models to software-as-a-service models, open source is in a state of rapid maturation. What's more, "in today's large distributed environments, [companies] do lots of their own developing across the globe, and they outsource a lot of development, so they really don't know what their partners may be using. So it's taking a while to develop the critical mass to get the attention of people who have the knowledge, experience and responsibility to develop ROI and TCO models," Aitken adds.

So it comes as no surprise that 42% of 130 open-source users responding to a recent Computerworld survey reported that they aren't measuring the return on investment or total cost of ownership of their open-source projects, and 19% said they don't know if they're measuring those things. And more than two-thirds don't have a written governance plan (see charts at left).

"In many cases, open-source users are basing their entire assumption for TCO on acquisition costs," says Mark Driver, an analyst at Gartner. "They assumed that in the long run, it will be cheaper," but they don't take into consideration hardware costs, training, consulting needs and the ramifications of downtime if a system fails.

To continue reading this article register now

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon