How open source delivers for government
- By Stephen Frost
- Feb 13, 2015
Amid the well-deserved hype around the impact of cloud technology and big data analytics, it is possible that casual industry watchers may have missed the real story behind the recent wave of IT re-architecting.
Enabling many of these recent, powerful trends is a newly validated embrace of open source software technology. The movement to OSS solutions is empowering system designers and solution architects to re-examine methodologies that evolved out of the legacy proprietary, closed source software license model. Put simply, OSS allows developers of IT systems to create better results and cut costs.
Enterprise IT leaders in business and government have taken notice of the benefits of OSS. For example, the recently launched U.S. Digital Service published a Digital Services Playbook that urges agencies to "consider open source software solutions at all layers of the stack." The General Services Administration extended this thinking in the recently introduced Open Source First policy as part of its effort to modernize its organization, processes and technologies. Defense policy makers have gone further, directing those within the Department of Defense to identify barriers to the effective use of OSS within the DoD so that the military can continue to increase those benefits.
One of the key drivers of OSS adoption has been cost. But while the savings can be dramatic, cost reduction is not the whole story. OSS also creates the possibility of more reliable, more trustable, more functionally appropriate, and just plain better solutions.
Historically, companies needed to factor in the cost of closed source software at peak license distribution even if they routinely needed a smaller number of licenses. On top of that were support fees tied to the peak distribution. Solution designers had an incentive to constrain distribution of software even if the use case was under-served.
This is clearly not so in an open source world. Both the solution architect and budget manager need only to consider the support costs, not licensing costs; and outside vendor support is generally more cost effective than internal capability. In the case of a distributed database solution, the difference in cost can really add up.
A simple example of how the move toward OSS can improve IT architecture is by thinking about database backups. In the legacy regime of licensed closed source software, each license of an incremental database came with a cost -- often a steep cost. In the world of OSS, enterprise users are able to maintain replicas of databases as backups with no incremental license cost. The more copies of the database software you have, the more options you have when things go wrong. The more copies of the data management or analytics software you have, the more choices you have to efficiently move your data around.
Security and Reliability
Cost alone can carry the day for some projects, but security and dependability are the main drivers for many mission-critical needs.
Here too, open source is a great alternative to closed source. Contrary to a common myth of OSS, most of the development and support is performed by dedicated, highly trained professionals who are on par with the development shops of any of the top tech firms. In fact many of the best OSS projects have the support of leading commercial enterprises like Red Hat, Google and Salesforce.com.
Still, OSS must pass the close testing and rigorous examination of many interested parties. Researchers and scientists of all types are familiar with the withering gaze but necessary value of peer review, involving open and independent examination by many experts. With OSS, users in business, government, academia, and even hobbyists all get to look at and make judgments about OSS, and users are the ultimate beneficiaries.
Walmart's Eran Hammer, senior architect for the Node platform, echoes this idea, reporting that Walmart enjoys a "significant quality and stability boost" that results from the efforts of early adopters of OSS.
Even some in the national security community are taking advantage of open source and crowdsourcing. The National Geospatial Intelligence Agency uses OSS to help it develop apps for geospatial analysts. "While there are some security concerns, I believe the way we deployed this architecture really addresses those security concerns," said Dave White, NGA's chief information officer. "The risk is very manageable but what we are getting in return is innovation," he continued, "and it'really advancing our mission."
Of course, no matter how well-trained the solution developers are, and no matter how carefully scrutinized the solution is, users may discover vulnerabilities in software, which is true whether it was developed under the closed or open model. If those vulnerabilities are in proprietary software, "the only people who can identify and fix the problem are employed by the company that wrote it," notes Gunnar Hellekson, chief strategist for Red Hat's U.S. Public Sector Group. "They can be smart, they can be well-trained, and highly-skilled, and use only the best of the best practices of software development, and they still couldn't muster the number of eyeballs commanded by a high-functioning open source community." An enterprise that is supported by an expert in-house support team, backed up by an active, well functioning open source community, will be well served by the number and diversity of solution seekers.
By the same logic, it is also more difficult to hide a vulnerability in open source code since the source is readily available. That means no party can build in a back door or other security exposure without the prospect of peer review and user examination ringing an alert for all users to see. Any user of closed source products knows that they are entirely reliant on the ongoing commitments of the developer, with limited control over some of the risks involved. Independent testing methodologies and certifications can help, but these are only valid for the exact code certified -- not the next version, nor the next patch, and certainly not for the advanced features acquired separately. Healthy OSS projects are subject to constant, ongoing examination and communication among many invested parties, and that openness benefits all users.
The road to broad adoption of OSS has seen a few speed bumps and potholes.
It should be no surprise that OSS would follow something like the well-established adoption curve, complicated perhaps by the mix of technologies capturing the distribution approach. Nonetheless, OSS adoption has been characterized by early adopters who were both tech savvy and confident that they could respond to any difficulties. This is a proven strategy for testing new ideas.
As early adopters give way to the early majority, the market is recognizing the need for professional support options to supplement their skill base and permit more scaled deployment. Enterprise support from qualified providers is the leading value multiplier for OSS adopters. A growing community of support companies, staffed by experienced IT leaders, are providing first-rate services.
OpenStack, Hadoop, Linux, PostgreSQL and many other open source projects are creating new and innovative ways to serve business and government. OSS saves IT users billions of dollars every year, frees resources for other purposes, and delivers better outcomes. Could OSS be the mega-trend in technology for this century?