Thursday, 26 November 2009

Some considerations with Open Source

What is Open Source?
Open Source is the practice within software development where access to the source code is granted. This allows a software developer to take the original source code, and modify it for their own specific requirements. Or to extend the original application to perform some function that it did not originally perform. In keeping with the ethos of Open Source, all such changes and modifications must also be placed in the public domain, for other software developers to use.

So the Open Source movement is all about the sharing of ideas and code, by and for other software developers. This is most certainly a good thing. The entire LAMP (Linux, Apache, MySql, PHP) software bundle is based around Open Source, and this is a very widely used development platform.

Another ethos of the Open Source movement is that it should be either free, or incur only minimal costs. Open Source is the antithesis of for-profit, and profiteering would be seen as breaking the spirit of the movement.

Open Source is driven by the ethos of freely sharing your application code and resources amongst others within the software development community.

A work colleague recently asked me why, when selecting a Content Management System for my place of work, I had not considered looking for an Open Source solution.

Given the many benefits of Open Source already described, it might seem to be lacking due diligence not to have considered them in the selection process. While I most certainly have a great deal of time and respect for Open Source, it just doesn't always provide the best solution that perfectly fits every requirement.

While software bundles such as LAMP (see above) are in common use, and have large communities surrounding them that can provide support, assistance, patches and so on, this does not exist for every Open Source product or application.

Risk and accountability
Using LAMP in a commercial environment does not pose any serious risk. It is very well supported within the Open Source community, so while there may be no formal Service Level Agreements in place with a specified supplier, the community is so large, with so many developers and users, that the risk is heavily mitigated.

Open Source applications such as Drupal and Joomla are both excellent examples of Open Source Content Management Systems. They are also both well supported by their respective development communities.

However, a web site forms a substantial investment (and by extension an asset) to any organisation. It will be used to store the organisation's content, documents, images and information. These are things you probably want to ensure are well supported and looked after. There is little comeback if the system fails in some way, so this poses a more serious risk to the organisation. The lack of accountability is their key detractor.

In a commercial setting (public or private sector), web site downtime is critical. So are the threats from the various types of attack that a web site can be subject to including Denial of Service (DoS), spamming and cross-site scripting (XSS) to name a few.

I would be reluctant to place my investment, costing tens of thousands of pounds, in the hands of a community of unaccountable people. This is not to say that the community would not help in my hour of need, but the key point is that they are under absolutely no obligation - financial, moral or otherwise - to do so.

With a non Open Source solution, there is accountability. If I need support, I can pick up the telephone and speak to their support team. If the system fails in some way, there is accountability that entitles me to certain contractual and legal rights, including compensation for any inconvenience that may have been caused.

The amount of risk appetite we have is a very personal thing. For some, the risk I have outlined may be tolerable, especially bearing in mind the tremendous benefits that come with an Open Source solution. For others, the risk is just too great to accept.

Open Source Content Management Systems certainly have their place, and the examples I have given above clearly show just how professional and feature rich they can be. When considering any solution though, you need to have full access to the facts to make an informed decision, and it is worth pointing out that despite the many benefits of Open Source, it is not a magic bullet solution, and has its own drawbacks that must be carefully considered.

No comments:

Post a Comment