Implementation tipsheet

To lay the groundwork for greater use of open-source software in government, Mitre Corp. officials recommend the following three policy steps:

The list should include applications that are commercially supported and widely used, and have proven track records of security and reliability. When considering products for the list, officials should give priority to heavily used applications and tools that provide high value. Examples include Linux, OpenBSD, NetBSD, FreeBSD, Samba, Apache and Perl.

These include policies that encourage the use of commercial products that work well with open-source programs, such as Microsoft Corp. Windows Services for Unix products, which can use open-source development tools. In addition, policies should be created to deal with products — such as Apache and Linux — that are already in use but may not enjoy official approval status.

Having an array of products lowers the risk of cyberattacks based on exploitation of specific products' features or flaws, and adding open-source products is a low-cost way to diversify the overall product mix.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.