Taming the Wild Open Source Implementation

Open source deployments are becoming more pervasive as enterprise IT shops get more comfortable using the software. But open source can present challenges, and organizations would be wise to follow some best practices.

Clearly, open source has arrived as an enterprise IT strategy. A research report released by Gartner Inc. in November 2008 shows that adoption of open source software is becoming pervasive, with 85% of 274 worldwide companies surveyed by the Stamford, Conn., firm currently using open source and the remaining 15% expecting to in the next 12 months.

But the same survey shows that there’s a need for more discipline when it comes to implementing open source. Nearly 70% of the companies surveyed still have no formal policy for evaluating and cataloguing open source usage in their enterprise, Gartner says, opening up potential liabilities for intellectual-property violations.

The research firm says a lack of governance was the number one challenge for open source users in the survey, followed by conflicting terms and conditions and the availability of too many license types and forms.

Here are some recommended best practices that can help organizations launch successful open source deployments:

Create an open source policy that includes governance over how open source will be procured and used. Surely some departments and individuals will use open source software on their own, and companies will launch broader, enterprise use of some applications. Organizations need to have a formal policy in place to oversee how open source is being implemented and to measure its effectiveness.

It’s important to understand how open source is used in the organization, says Bernard Golden, CEO of Navica, a San Carlos, Calif., consulting firm that focuses on open source. “Is it solely used within the firewalls of the organization, is software distributed?” Golden says. “Understanding this is vital to ensure compliance with open source licenses. The quid pro quo for free software is expectation of license compliance.”

Part of the governance effort includes tracking and project management to identify when and where open source is used, Golden says. Organizations should consider creating an “open source review board” to examine requests to use open source within the company.