Companies are seeing direct benefits from supporting open source communities, are granting developers and employees greater access to those communities, and are grappling with the logistical issues of visibility and control around open source code.
Open source's use, said Black Duck Software Executive Vice President (EVP) and Chief Marketing Officer (CMO) Phil Granof, has become "ubiquitous." Granof used a new concept to describe it: generation dot-open. Open source software is entering all elements of the enterprise and our daily lives and is increasingly defining the common platform which we build on. Black Duck Software, headquartered in Burlington, Mass., is a consulting and solutions provider for enterprise open source adoption.
To clarify the trends and issues that open source software (OSS) is creating in the enterprise, TechRepuplic recently spoke with Black Duck's President and CEO Lou Shipley and Granof about their company's recent Eighth Annual Future of Open Source Survey.
The eight main trends and issues that our talk revealed are:
- OSS has become ubiquitous and has entered the enterprise
- Return on OSS participation
- The impact of OSS in the Internet of Things
- Improved employee access to OSS ecosystems
- Greater diversity of industries using OSS
- Security is an established OSS asset
- Greater ease of OSS deployment
- Control and visibility of OSS code and usage
At the start of our interview, Granof made a comparison between my April 2014 article on CIOs re-branding themselves as strategists, and how IT decision makers should view the use of OSS.
"It resonated with me," said Granof, "because I think there are points of tangency between how we are thinking about open source being used within the enterprise, and the CIO's role. Because it's both the use of open source and the CIO role which need to be re-branded as strategic. So I see a parallel between what we are thinking and what you talked about in your article."
TechRepublic: What are the main trends that the Eighth Annual Future of Open Source Survey uncovers?
Phil Granof: I think the main trend is we have all now become a part of generation dot-open, which means it's inclusive, not bounded by age, like most generations.
We are at a point in time now, where the use of open source is so ubiquitous that it is infiltrating our daily lives, it is infiltrating all aspects of the software stack, and it's infiltrating all sorts of companies. Now students are leaving college having been trained on using open source with some real-world experience that they can prove. It's now like what water is to fish, it's what we live in.
As enterprises and the CIO begin to think about what open source really is, I think it is primarily an awakening of how much it is already around them — how much they are already using and how much is in their development process.
When we do scans, we invariably find open source that no one was even aware of and that the customer was using. And it's not just an issue of not complying. This is just how developers like to work. They share early, they share often, and they are trained on it. And so it's not a surprise that open source has entered into the enterprise. Because the folks that are doing the coding, that's just the natural state for them.
So I think the first trend is the recognition that we are all now working on a new platform as part of generation dot-open, and that platform is open source. I don't know if we would have seen that 10 years ago. It would have been a Microsoft platform, or something else. We are all now working on this platform and beginning to see a great deal of benefit from cooperation.
Again, we are all part of this generation dot-open. And what is guiding that is we are all beginning to see a return on participation, individually and as organizations. If you look at it from the enterprise point of view, what is their return on participation? Well, they have the ability to influence projects, they have the ability to borrow from innovation within the community, and they have the ability to preselect open source veterans coming right out of college. So the more they participate in the ecosystem, the more they see direct benefits to their organizations.
TechRepublic: What are the biggest changes from the previous Future of Open Source survey?
Lou Shipley: Prior to the survey we had our think tank show and did a group case study on the rise of the Internet of Things. We were talking the other day to a thermostat manufacturer who was struggling with how to manage the complexity of their customers that log into these thermostats through a web portal. They are worried about security; they are worried about lifecycle management of a product that is now accessible. And as devices get connected, underneath that, what's really connecting them is software, and it's mainly open source. So we saw that as a big trend in an area that a lot of people and big companies are talking about.
Phil Granof: Some of the biggest changes are around improving access, which is that companies are far more likely to allow their employees to formally become part of the ecosystem. And again, that's all about seeing a return on participation. Not just their own involvement, but making it easier for employees to participate.
I think the second major trend is the diversity of industries. It has proliferated across industries that we would never have expected. Things like drones and gaming have popped up. I'm not sure those would've even entered our vocabulary early on, certainly not prior to 2013.
I think I would add to that ease of deployment. And that's really critical from a bit of a selfish point of view, since that's the business we're in. We are making it easy for organizations to solve their logistical challenges of bringing in OSS. The ease of deployment, going from result number six to number three in one year, was a really significant jump. And good habits are facilitated by ease.
And then, while this is not a big jump, the stabilization of the data is of note: security is still seen as one of the foremost reasons to choose open source. And I will say we got the data prior to Heartbleed, so we didn't have kind of the screwy impact that a big event can have on survey results. But that is something that has definitely stabilized. Five years ago, the perceived risk curve for using open source was far different than it is today. Now it is a matter of fact.
TechRepublic: What is the take-home message from the survey for IT decision makers?
Lou Shipley: I think there are couple of things. IT departments are under tremendous pressure to develop software faster and faster. And developers choose open source because it is so easy. What that means as an IT decision maker is you know it's there, you know it's coming in, you know someone has just downloaded OpenStack and is playing around with it.
But the real question is, what don't you know? You know more and more open source is coming in through the back door. The question is, how do you get some degree of manageability around that? Specifically, visibility of what you have, and how you can control it. For IT decision makers, I think that is where we are seeing people calling in, saying we know it's here, can you help us manage it?
Phil Granof: You know, we refer to the problem as a logistical one, and we find it has been incredibly useful for comprehension.
If you look at the world of open source as having this ginormous warehouse of potential, wonderful things you can bring into the organization, and if you are a CIO, and you're thinking I am re-branding myself, as your article said, as a strategist, then you might ask: how do I bring this in and improve the competitiveness of my company, while the same time helping folks choose their open source, helping them understand it, helping my organization warehouse and inventory it, helping them secure it, and helping them deliver it to each other and through their own supply chain?
We refer to this as OSS Logistics, which fundamentally is how a CIO should be thinking about managing their new software within an organization.
When Heartbleed did break, we ended up getting a surprising number of calls from customers, who were delighted with the fact they could find out instantly where OpenSSL was used throughout their applications and in their code base. And they were using our product. So that is immediate visibility into where is it, how often am I using it, who's used it, and which version is my organization using? There is no way that is managed on spreadsheets anymore. And our solutions deal with that logistical inventory problem.
Brian will do client work for AtTask.
Brian Taylor is a contributing writer for TechRepublic. He covers the tech trends, solutions, risks, and research that IT leaders need to know about, from startups to the enterprise. Technology is creating a new world, and he loves to report on it.