Closed mind to open source? Think again.
By now most organisations are at least aware of open source software – it is not a new concept and has been around for decades. For example, the government is instructing public services to “use open
By now most organisations are at least aware of open source software – it is not a new concept and has been around for decades. For example, the government is instructing public services to “use open source software in preference to proprietary or closed source alternatives, in particular for operating systems, networking software, web servers, databases and programming languages”. However, many organisations would like to benefit from the rewards it offers but still do not have processes in place to handle the associated risks.
Using open source code has a number of advantages - the use of pre-written components can significantly shorten the development phase for new software, freeing up resources to develop higher level products which add to the commercial offering and provide a competitive advantage. As a result of a shortened development phase, the software can be made at lower cost to the end user.
Concerned about stability? Major open source projects often have rigorous peer-review mechanisms in place which proponents argue result in products which are of at least as high a standard as commercially-produced software – particularly as regards coherency, consistency and stability.
It is important, however, to manage the associated risks. Examples which are often cited are that open source products are often made available without any warranties, guarantees or intellectual property indemnities. Also, under some circumstances a closed source application derived from or containing open source code must be made available as open source software itself when it is distributed – the so called 'viral effect'. Many organisations are not aware of the obligations and restrictions imposed on them under the licence terms, which can result in accidental breaches and infringement action; and not all open source licences are appropriate for all uses.
Open source material is not something to use without proper appreciation of the issues, but the same can be said for any software. We regularly come across issues in practice involving open source software, many of which could have been avoided by seeking advice early and putting preventative measures in place.
So what would be my key tips to using open source material?
Using open source material may be much more manageable than you previously thought.
Using open source code has a number of advantages - the use of pre-written components can significantly shorten the development phase for new software, freeing up resources to develop higher level products which add to the commercial offering and provide a competitive advantage. As a result of a shortened development phase, the software can be made at lower cost to the end user.
Concerned about stability? Major open source projects often have rigorous peer-review mechanisms in place which proponents argue result in products which are of at least as high a standard as commercially-produced software – particularly as regards coherency, consistency and stability.
It is important, however, to manage the associated risks. Examples which are often cited are that open source products are often made available without any warranties, guarantees or intellectual property indemnities. Also, under some circumstances a closed source application derived from or containing open source code must be made available as open source software itself when it is distributed – the so called 'viral effect'. Many organisations are not aware of the obligations and restrictions imposed on them under the licence terms, which can result in accidental breaches and infringement action; and not all open source licences are appropriate for all uses.
Open source material is not something to use without proper appreciation of the issues, but the same can be said for any software. We regularly come across issues in practice involving open source software, many of which could have been avoided by seeking advice early and putting preventative measures in place.
So what would be my key tips to using open source material?
- Carry out due diligence on the provider and the solution - well established software is in general more likely to remain stable.
- Put systems in place to monitor your developers' use of code libraries and online forums, and to track where code elements derive from.
- Understand the terms of the open source software licences involved (including the consequences of modifying the software) and put in place a comprehensive system of governance to ensure compliance with licence terms and to avoid inadvertent tainting of proprietary software.
- Consider the extent to which your risk can be mitigated in any contracts, or by insurance such as open source compliance representation and warranty insurance.
- Ensure that your internal IT policies are up to date.
Using open source material may be much more manageable than you previously thought.