Comments on: Open Source Governance Framework http://www.prudentcloud.com/grc/open-source-governance-framewor-12102009/ Software-as-a-Service (SaaS), Governance Risk and Compliance, Cleantech are becoming critical decision points in companies. PrudentCloud will help you make some of these strategic decisions. Tue, 27 Jul 2010 21:58:44 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Subraya Mallya http://www.prudentcloud.com/grc/open-source-governance-framewor-12102009/comment-page-1/#comment-179 Subraya Mallya Mon, 19 Oct 2009 18:48:21 +0000 http://www.prudentcloud.com/?p=2000#comment-179 Thanks Jon. I agree with you completely. While the attraction to Open Source is pretty clear, the challenges companies inherit (unknowingly or willingly) is enormous. Subraya Mallya Thanks Jon. I agree with you completely. While the attraction to Open Source is pretty clear, the challenges companies inherit (unknowingly or willingly) is enormous.

Subraya Mallya

]]> By: Jonathan Strong http://www.prudentcloud.com/grc/open-source-governance-framewor-12102009/comment-page-1/#comment-178 Jonathan Strong Mon, 19 Oct 2009 18:40:29 +0000 http://www.prudentcloud.com/?p=2000#comment-178 Subraya - timely article. I agree with your points, and also feel that you've only surfaced the tip of the iceberg. It seems that many of the newer companies who embrace open source have spent quite a bit of time working on a model to help them monetize the offering, and in turn that translates to expense for us, the corporate users of the software. I can't blame them. Few companies are in the position of a Sun or IBM and are able to allow complete unfettered use of their software the way developers are free to use Java without paying a license fee. As I've led teams using various open source tools over the last couple of years, we've seen how many of the newer monetization models work, and it definitely takes a bit of the allure away from the idea of "open source". For a current example, we can look at something like Pentaho, an ostensibly open source business intelligence suite. At first glance, it's pretty compelling. It appears that most of the pieces are "there" to let you construct your own BI system with "free" software. But when you actually start working with it, you keep bumping into the differences between the open source version, and the commercially supported version. You discover that debugged builds for open source are never at the same version as the commercial version. Documentation that's readily available if you pay a $30,000 license fee simply doesn't exist for the open source version. If you start to dig your way through the online forums, you find that most users are with companies who paid for the commercial version and they depend, constantly, on the support from the vendor that the license fee affords them. This is not available for open source users. I could continue, but I imagine that you're getting the picture. Essentially, using the open source version is very similar to making use of the open source router firmware that Linksys makes available to the world. Typically, it's only hackers, and folks like the authors of Sveasoft (3rd party firmware for the Linksys boxes) who can make use of this open source code. Infobright is a great column-oriented DBMS, and it also comes in an open source version (ICE - inforbright community edition) and a commercial version. In this case, the company is a bit better about providing support for the open source version, but this version is limited and is missing some critical features that are only available in the licensed version (such as multi-threaded data loaders, and the allowable use of DML). You can manipulate ICE to get around some of the limitations, but only if your budget allows your team R&D time, and only if your team is up to the challenge. Otherwise you will once again find that the product may only be practical for you if you buy the licensed version. So - in addition to the other points you make in your blog post, there may be significant hidden costs that only become apparent if you dig deep, or spend several weeks or months working with the products. And this all happens before you have to even think about governance issues... Great potential, and very powerful in the right hands. But, as in all things, caveat emptor. Subraya – timely article. I agree with your points, and also feel that you’ve only surfaced the tip of the iceberg. It seems that many of the newer companies who embrace open source have spent quite a bit of time working on a model to help them monetize the offering, and in turn that translates to expense for us, the corporate users of the software.

I can’t blame them. Few companies are in the position of a Sun or IBM and are able to allow complete unfettered use of their software the way developers are free to use Java without paying a license fee. As I’ve led teams using various open source tools over the last couple of years, we’ve seen how many of the newer monetization models work, and it definitely takes a bit of the allure away from the idea of “open source”.

For a current example, we can look at something like Pentaho, an ostensibly open source business intelligence suite. At first glance, it’s pretty compelling. It appears that most of the pieces are “there” to let you construct your own BI system with “free” software. But when you actually start working with it, you keep bumping into the differences between the open source version, and the commercially supported version. You discover that debugged builds for open source are never at the same version as the commercial version. Documentation that’s readily available if you pay a $30,000 license fee simply doesn’t exist for the open source version.

If you start to dig your way through the online forums, you find that most users are with companies who paid for the commercial version and they depend, constantly, on the support from the vendor that the license fee affords them. This is not available for open source users.

I could continue, but I imagine that you’re getting the picture. Essentially, using the open source version is very similar to making use of the open source router firmware that Linksys makes available to the world. Typically, it’s only hackers, and folks like the authors of Sveasoft (3rd party firmware for the Linksys boxes) who can make use of this open source code.

Infobright is a great column-oriented DBMS, and it also comes in an open source version (ICE – inforbright community edition) and a commercial version. In this case, the company is a bit better about providing support for the open source version, but this version is limited and is missing some critical features that are only available in the licensed version (such as multi-threaded data loaders, and the allowable use of DML). You can manipulate ICE to get around some of the limitations, but only if your budget allows your team R&D time, and only if your team is up to the challenge. Otherwise you will once again find that the product may only be practical for you if you buy the licensed version.

So – in addition to the other points you make in your blog post, there may be significant hidden costs that only become apparent if you dig deep, or spend several weeks or months working with the products.

And this all happens before you have to even think about governance issues… Great potential, and very powerful in the right hands. But, as in all things, caveat emptor.

]]> By: hovo http://www.prudentcloud.com/grc/open-source-governance-framewor-12102009/comment-page-1/#comment-599 hovo Tue, 13 Oct 2009 08:36:58 +0000 http://www.prudentcloud.com/?p=2000#comment-599 <span class="topsy_trackback_comment"><span class="topsy_twitter_username"><span class="topsy_trackback_content">Open Source Governance Framework | Strategies for Software-as-a ...: A well-defined open source governance proc.. http://bit.ly/UR420</span></span> Open Source Governance Framework | Strategies for Software-as-a …: A well-defined open source governance proc.. http://bit.ly/UR420

]]> By: hovo http://www.prudentcloud.com/grc/open-source-governance-framewor-12102009/comment-page-1/#comment-286 hovo Tue, 13 Oct 2009 04:36:58 +0000 http://www.prudentcloud.com/?p=2000#comment-286 <span class="topsy_trackback_comment"><span class="topsy_twitter_username"><span class="topsy_trackback_content">Open Source Governance Framework | Strategies for Software-as-a ...: A well-defined open source governance proc.. http://bit.ly/UR420</span></span> Open Source Governance Framework | Strategies for Software-as-a …: A well-defined open source governance proc.. http://bit.ly/UR420

]]> By: Open Source Governance Framework | Strategies for Software-as-a … | Open Hacking http://www.prudentcloud.com/grc/open-source-governance-framewor-12102009/comment-page-1/#comment-177 Open Source Governance Framework | Strategies for Software-as-a … | Open Hacking Mon, 12 Oct 2009 21:33:05 +0000 http://www.prudentcloud.com/?p=2000#comment-177 [...] here to read the rest: Open Source Governance Framework | Strategies for Software-as-a … This entry was posted on Monday, October 12th, 2009 at 1:22 pm and is filed under Linux, News, [...] [...] here to read the rest: Open Source Governance Framework | Strategies for Software-as-a … This entry was posted on Monday, October 12th, 2009 at 1:22 pm and is filed under Linux, News, [...]

]]> By: Subraya Mallya http://www.prudentcloud.com/grc/open-source-governance-framewor-12102009/comment-page-1/#comment-287 Subraya Mallya Mon, 12 Oct 2009 19:33:26 +0000 http://www.prudentcloud.com/?p=2000#comment-287 <span class="topsy_trackback_comment"><span class="topsy_twitter_username"><span class="topsy_trackback_content">Open Source Governance Framework - http://tinyurl.com/yfxpfxg (via @prudentcloud)</span></span> Open Source Governance Framework – http://tinyurl.com/yfxpfxg (via @prudentcloud)

]]>