Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Overcoming open source misconceptions

Dirk-Peter van Leeuwen, senior vice president and general manager, Red Hat Asia Pacific | April 10, 2015
As open source has grown in popularity over recent years (both for private and commercial use), so has the number of misconceptions about open source and its use, particularly in enterprise environments.

This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.

Dirk-Peter van Leeuwen, senior vice president and general manager, Red Hat Asia Pacific
Dirk-Peter van Leeuwen, senior vice president and general manager, Red Hat Asia Pacific

As open source has grown in popularity over recent years (both for private and commercial use), so has the number of misconceptions about open source and its use, particularly in enterprise environments.

These range from the belief that open source is not secure enough for businesses, since it is community-based to misunderstandings about the availability and quality of technical support. While some of these misconceptions have been propagated since the early days of open source, enterprise-ready offerings today provide the same, if not higher, levels of security, capabilities and reliability as proprietary counterparts.

Here are four common open source misconceptions:

1. It is not ready for enterprise deployment
The origins of this myth are likely rooted in what was noted earlier — that open source is synonymous with communities and hobbyists and therefore only deemed fit for these groups.

The contrary, however, is true, especially as more enterprises around the world adopt open source within their organizations.  Further disproving this myth is the fact that the value of open technology — having more experts reviewing codes for security flaws — has proven to enhance security best-practices.

2. Open source is not secure
Drawing from the first misconception comes another "oldie but goodie" in that open source is not secure. First, we can consider how security fixes are applied to closed or proprietary platforms: the flaw must be identified by individuals that have access to the source code (usually only those employed by a vendor), which takes a substantial amount of time, and then a fix must be coded, tested and delivered, adding even more time to the equation.

Compare this to a standards-based and open approach to development, which can help identify potential security flaws quickly.  For example, in 2014, Heartbleed was identified in the popular OpenSSL crytographic software library. Many customers did receive instant response from some of their vendor's security response teams on follow-up actions to test, patch and secure the flaws.

3. There is no support available
When organisations, especially enterprises, adopt open source, it is rarely the free, unsupported community version. While it is common to start on community open source projects, particularly in non-mission critical environments like research and development or testing, most business only consider vendor-supported, enterprise-ready versions when it comes to mission-critical deployments.

 

1  2  Next Page 

Sign up for Computerworld eNewsletters.