The Challenge Open Source Presents to CIOs

This week's eWeek contains what should be a wake-up call for every CIO regarding the pervasiveness of open source and the challenge it represents to their jobs and organizations. In the midst of an extensive interview with Jonathan Schwartz and Rich Green, Schwartz cites this anecdote, which provides dramatic evidence of the role open source plays in today's IT landscape. Here is the anecdote in its entirety:
Schwartz recounts this incident as an example of how Sun is going to prosper with its open source strategy, and I'm pleased with their happy outcome, but the true meaning of this incident is far more profound and illustrates what a challenge open source represents to IT organizations' business-as-usual.

In this company, open source is being widely deployed; however, none of the existing processes are tuned to address this fact. They are, in fact, completely blind to the presence of open source in a large number of the company's IT projects. Think about the risk exposure this represents. Obviously, there are questions regarding whether the company is complying with the license obligations of the open source software, so the company's attorneys are likely to be concerned.

To my mind, though, legal risk is only a small part of the overall risk this CIO faces. The far larger risk is that there is no visibility into the makeup of a significant portion of the company's IT infrastructure. How can you confidently plan for SLA commitments when you're not sure of what software you're running, its maturity, supportability, and so on? Furthermore, as a CIO, you face the very real potential of being unable to adequately map out your workforce skills planning, since you are unaware of what development and operations commitments accompany these invisible software implementations. Finally, it's hard to attest to important regulatory requirements (if you're subject to regulations like recoverability and so on, as financial institutions are), when you don't know what will need to be recovered.

The initial response by many CIOs is to ban open source, but it's far too late to bar that gate. As Gartner has noted, over 90% of all enterprises will be using open source by 2010. Given that, the critical action item for CIOs is to set up policies and processes to manage the use of open source and ensure that its benefits are retained while risks accompanying its use are reduced. The common term for this is "Open Source Governance." In my
