Open source is an attractive option for organizations wanting to design their own software as well as saving money of proprietary licenses. ZDNet reports that “It’s An Open Source World-78 Percent of Companies Run Open Source Software”, but the adopters do not manage their open source systems very well. Every year Black Duck Software, an open source software logistics and legal solutions provider, and North Bridge, a seed to growth venture capital firm, run the Future of Open Source Survey. Organizations love open source, but
“Lou Shipley, Black Duck’s CEO, said in a statement, ‘In the results this year, it has become more evident that companies need their management and governance of open source to catch up to their usage. This is critical to reducing potential security, legal, and operational risks while allowing companies to reap the full benefits OSS provides.’”
The widespread adoption is due to people thinking that open source software is easier to scale, has fewer security problems, and much faster to deploy. Organizations, however, do not have a plan to manage open source, an automated code approval process, or have an inventory of open source components. Even worse is that they are unaware of the security vulnerabilities.
It is great that open source is being recognized as a more viable enterprise solution, but nobody knows how to use it.
Whitney Grace, April 19, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph