Open Source Adoption

Author: Paul Moorman

June 2008

The adoption of open source software can offer an organization one avenue to reduce their software budget, but what about the potential risks involved? Where should an organization look to begin exploring open source? The members of the CIO Council shared their experiences during its April 2008 meeting, with a simple theme emerging - look for large gaps in value or risk.

Two member companies recently switched from commercial portal applications to an open source alternative. The reason was the value of the feature-rich commercial product versus the very small number of features actually in use. And since a company's portal is typically used by all employees, many of which use it infrequently, the value versus cost equation had a significant gap.

Along the same lines, offering a service to tens of thousands of students using commercially priced products is an immediate showstopper. Email service at Sinclair Community College is provided via open source software. Having fewer features than the leading commercial products is actually a blessing - fewer features means less support is required, also reducing the overall cost.

An intriguing prospect for open source software is introducing a new technology to an organization, one that might gain traction but faces an uncertain future. Spending hundreds of thousands of dollars or more to buy a product, only to find it unused a year or two later, can possibly be mitigated by implementing an open source solution and testing the waters. If the new technology is a hit and more is demanded than the open source solution can deliver, a commercial product can be acquired later. Two options that CIO Council members have explored are Customer Relationship Management (CRM) and Content Management Systems (CMS).

Open source security products are often the defacto standards, products such as Snort (Intrusion Detection) and TrueCrypt (Data Encryption). Security is an area that protects your assets from some level of risk, and since risk is very subjective, the value attached to any security investment will vary considerably with the audience. While getting agreement that spam and viruses are real and worth attention may be easy, the value of encrypting all flash drives, one of many examples, may not gather enough consensus to spark an investment. Turning to open source solutions may be your only alternative short of doing nothing and waiting for the risk to be actualized.

For more information on this topic or discuss your IT leadership joining the CIO Council, please  contact Ann Gallaher, Chief Operating Officer, at 937.229.9072 or email This e-mail address is being protected from spambots. You need JavaScript enabled to view it .