Blogs

I've spent a lot of time helping companies figure out how to manage open source software in their enterprise. Challenges that enterprises face include figuring out what open source they are using, creating an open source software policy, setting up a review process or an open source review board, and then getting on to the day to day business of managing open source software. All without disrupting the developers who are already happily and productively using open source software! (You just want to help them be more productive while making sure you comply with licenses and minimize risks.)

In a conversation with a large financial company, we realized that there's a life cycle that enterprises go through when they are managing open source software.

Commercial open source has a peculiar sales process. Frequently, when a firm decides to buy (license) a specific type of software like a content management system or a wiki engine, they'll find that their company already employs multiple solutions, downloaded for free from the Internet. By some measures, this is dangerous to IT governance, as it bypasses corporate purchasing and operating regulations. On the other hand, open source empowers IT users to make their own decisions early on without having to go through lengthy approval processes, keeping them nimble and speedy. So, is commercial open source good or bad for IT operations and the CIO?

Software as a service (SaaS) entered the IT landscape in 2000 and has revolutionized the deployment models of many software companies and even entire industries, such as Internet search. It has also becoming an increasingly popular form of consuming applications within enterprises of all shapes, sizes and geographies.

SaaS also brought about a heated debate over the distribution and licensing of open source software. This is of particular importance for open source companies whose software is used to power Internet-based services and applications. If someone uses their open source software over a network and alters the code in any way, do they need to make their code changes available and does it fall under the guidance of popular open source licenses such as GPL? This was the dilemma that SaaS created for the open source community and what is now often referred to as the "ASP loophole" of the GPL license.

It is my first post here on FossBazaar and I would like to thank its team for having invited and welcome me on board. You may recall that I had blogged earlier about FossBazaar in my regular blog, « Moved by Freedom, Powered by Standards » where I discuss topics such as Free and Open Source Software, Open Standards, OpenOffice.org Cloud Computing, etc.

In my previous entry I noted that small and medium businesses tend to develop governance policies adhoc and real time and are likely to be developed and run by IT. That is, as open source proliferates, the policies are more organic and evolve over time. They also tend to be more technically oriented and include fewer business terms or provisions.