Advanced Computing in the Age of AI | Friday, June 9, 2023

Why Some Enterprises Don’t Do Open Source 

via Shutterstock

 As everyone knows, the code for open source software (OSS) is made available with a license in which the copyright holder provides the rights to study, change and distribute the software to anyone for any purpose. OSS is typically developed in a collaborative public manner, relying on the intelligence and creativity of crowdsourcing to create platforms, applications and infrastructure that in many cases rivals that of its proprietary, closed-source cousin.

While smaller companies can quickly adopt open source products, many larger enterprises are laggards due to structural constraints. Though a group within an enterprise may use an open source solution, the tools rarely end up being deployed enterprise-wide because open source solutions are built to solve a specific problem for a specific line of business. If another line of business struggles with the same problem, they can’t simply adopt the same solution – they need to spend time setting up initial configurations and establishing the right IT support mechanisms. Bottom line: most large enterprises don’t do open source.

Many individuals wonder how enterprises can pass up the free aspect of open source software. But cost is not simply the price paid for the software. Enterprises view software through a total cost of ownership (TCO) lens, which brings on open source skepticism that leaves them in the dust of smaller, more agile companies adopting open source solutions.

Below are key reasons why enterprise customers are hesitant to embrace the latest open source technologies:

  1. Unintended Consequences

For open source to function optimally inside an enterprise’s infrastructure, modifications must be made. This usually isn’t a problem for startups, which often have both the expertise and the lack of bureaucracy enabling needed structural changes and adjustments. The enterprise level lacks this same flexibility and spare capacity. If they had this elasticity, their entire infrastructure stack would constantly be changing.

Additionally, enterprises have concerns about the scalability of open source products. Since enterprises operate on a much larger scale than the smaller firms or startups that usually serve as trial users for open source, there is an inherent risk that problems may arise when the code is applied as part of a much larger network.

  1. Support Capacity

After enterprise’s go through the trouble of finding an open source solution for a specific problem, they often have difficulty making it portable to other lines of business. Without the support services of an independent software vendor, enterprises lack the specialized skillset or the spare bandwidth to tweak the product and make solutions versatile. However, enterprises should not be blamed for lacking this capacity. This is understandable, because enterprises that stray too far from their competitive advantages risk losing sight of their mission.

While the prospect of building out open source solutions is tempting, in many cases enterprises come to the conclusion that they are better off outsourcing to an independent provider. If an outside provider can offer fairly priced commercial software along with maintenance, support, and customization, a company can then apply it widely across business lines.

  1. Legal Liability

 Some open source services contain portions of proprietary code inside their software undetectable by end-user. If an enterprise uses these patented portions of code without realizing it, they risk facing an infringement lawsuit, and open source provides no accountability. Legal liability may be too much to bear especially when well-financed enterprises are enticing targets for patent trolls.

Almost two dozen companies faced this reality when Parallel Iron hired IPNav to help them bring suits against tech giants, including Facebook and LinkedIn, for using Hadoop. Thus enterprises must be especially diligent in mitigating legal liability.

  1. Security

Since most large enterprises are attacked by hackers on a daily basis, open source products can make them feel event more vulnerable. Internal policies and procedures require most companies to show certification and assurance of their applications, which open source software often can’t provide.

Arguing that open source is immune to security vulnerabilities is inherently false. Enterprises must work with OSS developers to show they’re equally as security focused as commercial vendors.

What Next?

Fortunately these problems are solvable by a well-run startup focused on commercializing an open source project. A startup can vouch for the provenance of the code, make the software deployable, provide support and certify the software. Companies such as Datical, Red Hat, MongoDB, Cloudera, and countless others have proven success with commercialized open source solutions.

These tasks aren’t trivial, and require a capable team that can navigate the lengthy procurement processes that wary enterprises have put in place to make sure half-baked solutions don’t slip into their stack. But if done correctly they will be richly rewarded.

Aziz Gilani is a partner at Mercury Fund.