Benefits of Open Source
In the past users, supporters, evangelists hyping the benefits of Open Source would loudly declare “cost’ is the primary benefit. Today, I think we’re well past that, while cost is important there are other benefits which must be considered. This week I’d like to investigate these benefits and associated hidden costs mainly because these questions should be asked and because managers and VP’s may not necessarily focus on cost alone. As hard as it is for me to say, Free and Open Source software is not for everyone and one should not blindly accept a solution on ideology alone.
Choosing an Open Source solution has many benefits and I’m sure each of you has your own reasons, hence it would be impossible for me to list them all. Instead I’ll discuss a handful which I consider vital in the decision making process. Transparent ownership is a given with the inherent freedom built into Free and Open Source software. As such these freedoms grant the user full and unhindered access to source code. A company with on staff developers, armed with source code can be a very powerful tool or enabler for the organization. Many developers prefer to reuse and improve code rather than reinvent the wheel. Such behaviour fosters the community attitude and mutual scrutiny providing the security and constant improvement seen in Free and Open Source projects. This network or global community that sprouts around each of these projects provides an economy of scale of sorts where many more eyeballs are scrutinizing code than any single developer can achieve alone. Some may argue code quality in these projects is poor. There is always some truth to this, but on the whole it is simply an exaggeration. I say this because most free and open source developers contribute on weekends and evenings. A great majority have day jobs at all sorts of IT companies, some even places like IBM, Sun, Google, Novell and Microsoft. Free and Open Source projects benefit from the training these companies provide to their developers. In which case, how can one argue Free and Open Source has poor quality code? Secondly, because we have so many more eyeballs scrutinizing, it is fair to say any badly written code would quickly be updated by the community. Over the last decade an interesting thing has been happening in the commercial software market. As hardware costs plummeted software costs have been increasing through annual maintenance costs. Many don’t think of this but Free and Open Source software has the added benefit of no annual maintenance cost. Getting to keep 20-30% of original software acquisition cost on an annual basis can add up quickly and can be used for more important business enablers. Show me an IT department that couldn’t use a budgetary cushion for those unexpected items. This takes me to my next point, Free and Open Source software typically has quicker deployment because no budgetary approvals are required. If you discover a new Free or Open Source security tool you don’t have to ask your VP for budgetary approval or put things off until next fiscal year. Simply download, install and if it fits with your requirements, great, if not, delete and you’ve done it all without blowing your budget.
When making a decision one must be prudent and look at both the good and the ugly. I’ve heard many times Free and Open Source software has no or limited support. I will partially agree with this statement, while this may have been true in the 90’s these days many if not all mature, seasoned Free and Open Source projects have paid support options. In fact the GPL under which these projects are published encourages the notion of generating revenue from things like support. Typically, immature Free and Open Source projects tend to have less than stellar support options. In these cases the global community is your support life line. In fact the open market concept is applied beautifully to support options whereby if you don’t like dealing with one support vendor you can choose another. In contract proprietary commercial software vendors have a monopoly on support, the user has zero choice. In addition to possible support costs Free and Open Source software has in my view hidden costs which should be explored. Certainly, staff training budget could take a hit if no one on staff is familiar with Linux. While many Free and Open Source projects are multi-platform, some are strictly Linux and being familiar with ‘bash’ and how to install and configure Linux software is a must. In such cases you may say to yourself we’ll hire a Linux admin. Sure great idea, but you may find Linux gurus are hard to find. I place this next hidden cost in the HR cost category. For example if you post a Windows centric IT position chances are you’ll get a stack of resumes. However, if you post a Linux Admin position you’ll find your resume stack considerably thinner. This phenomenon is getting better these days as more IT admins are turning to Linux and schools have it on their radar but the disparity is evident. Then of course you have other hidden environmental costs with less impact. Many like to reuse old PC’s with Free and Open Source software; for example Firewall or Proxy. While this is great because it may offset your hardware costs, it may increase electrical costs (old power supplies are less efficient). These hidden costs may seem trivial but for some companies they may have significant operational or budgetary consequences. Lastly one impact most often overlooked is tool poor manageability and reporting. Proprietary commercial tools devote significant resources to ensure their tools are pretty, with colorful reporting. While most Free and Open Source projects have improved in this area some continue to struggle in improving management interface, reporting and general usability features. While this may not be a deal breaker for some, other smaller shops may require an easy to use tool with a user friendly user interface.
As you can see there are many aspects of Free and Open Source software which should be considered before making any decisions. While most mature Free and Open Source projects are on par with their commercial counterparts some are simply not even close. Before adopting a new security tool or any Free or Open Source application consider above benefits and hidden costs in your decision making process. Free and Open Source software is mature and ready for the enterprise but don’t adopt based on ideology because that’s a sure recipe for disaster. Many have listened to the hype and took the plunge only to find out later something wasn’t a good fit. Just like with any other software purchase decision do your homework.