- 4chan hell raisers finding fame brings heat?
- The 10 dumbest mistakes network managers make
- NetApp quits bidding war in face of EMC opposition
- CompuServe closes after 30 years
- Google to launch open-source Chrome OS this year
Whether they know it or not, almost every enterprise has open source technologies installed. And with hundreds of thousands of open source projects floating around that are derived from countless pieces of source code that are subject to any number of licenses, it's imperative to implement governance measures to mitigate legal and operational risks.
The goal is to put in place policies, systems and processes to ensure a reasonable standard of care over the use of open source software. Companies can also put in place governance solutions that allow them to inventory their open source usage, implement open source policies, automate approval processes, track and audit open source deployment and ensure compliance with open source licenses.
A critical component of open source governance is to understand what open source software your enterprise is using and where it is being used. Besides helping you ascertain legal risk, understanding "what and where" is critical when systems go down, security vulnerabilities are uncovered or legal actions occur.
Surprisingly, most enterprises do not have a handle on how much open source they use. While some open source technologies are widely used by companies of all sizes, other packages are downloaded by developers, bypassing standard procurement processes and controls. In addition, some tools are often deployed unknowingly because they are bundled inside other packages the developer wants.
In fact, open source programs can contain dozens of other open source components, making it difficult to assess what open source software is used and what licenses are involved. Creating a baseline for open source inventory is a key step in governance. This will help you identify actions needed to mitigate legal risks and plan for the use, support and updating of open source components.
Although open source is freely downloadable, each open source project comes with an open source license that governs the conditions of use. In fact, there are over 50 OSI-approved open source licenses, thousands of variations on those licenses and a huge number of unapproved one-off open source licenses. Although much discussion of open source licensing revolves around the GPL licenses, other licenses are much more common in open source software used by enterprises.
The Leader in Network Knowledge
Partner Content
Explore the Ultrium Edge
The powerful tape technology can address data security with tape encryption as well as long term data protection.
Find Out More
Disk and Tape Square Off
Discover what disk and tape really cost and which solution provides lower total cost of ownership and optimizes energy use for your organization
Download this White Paper
Don't Fall for the Myths
The Clipper Group explores the truth behind the myths of tape, digging into the misconceptions in the disk vs. tape debate.
Review this information
information examination
An examination of information security issues, methods and securing data with LTO-4 tape drive encryption
Read this analysis
Comments (1)
OSBy Anonymous on March 30, 2009, 1:32 amOS
Reply | Read entire comment
View all comments