02 May 2006

Book Review | Open Source for the Enterprise: Managing Risks - Reaping Rewards

I have just finished reading "Open Source for the enterprise: Managing Risks - Reaping Rewards" (thanks to Karl Audet for lending me this book). Before I share my review of this book with you, here are a few thoughts.

Open source software used to be considered unstable, immature and ill-suited for corporate and governmental contexts. There are now detailed studies, such as this one, prepared by Defence scientists and posted on Treasury Board Secretariat web site, that confirm what open source community members already know: open source software is ready for the enterprise. Generically speaking, we have:

This chart illustrates that risks are now considered higher in the proprietary software arena, as opposed to open source. This chart is based on a scientific study of the field (the full report is 189 pages) rather than subjective fears and beliefs.

From the executive summary of Free and Open Source Software Overview and Preliminary Guidelines for the Government of Canada, we learn the following:
The good reputation of free and open source software has attracted the attention of many governments around the world and they are now considering the systematic migration of their servers and their workstations to FOSS. The leading countries, currently migrating to FOSS, are the United Kingdom, Germany and France but it is estimated that more than 20 other countries are preparing policies and action plans to adopt FOSS systematically in their government and industrial systems. The strategic rationale for migrating to FOSS is typically related to three main factors: 1) the expectation of direct cost savings, 2) the reduction of economic loss at the national level caused by commercial software imports and 3) the hope to better develop national IT expertise by means of access to source code (and development of original components) which is not really possible with COTS packages.

Canada appears to be behind the curve in FOSS adoption. The lack of clear business cases and the underestimation of the strategic value of FOSS partly explain this situation. However the Government of Canada (GoC) has recently endorsed a pro-active position on FOSS to ensure that GoC staff are aware of the options available and that no barriers to procurement remain. Some comprehensive open source initiatives can be found in the education and health sectors and an increased awareness is now being expressed by the GoC, who see FOSS as a viable alternative to COTS software and expensive custom code development.
Government of Canada (GC) Managers and directors in the fields of Information Management (IM) and Information Technology (IT) are, unfortunately, all too often unaware of these preliminary guidelines and of the potential for efficiency created by the adoption of open source software. One of the reasons for this shortcoming is lack of knowledge and education. The book "Open Source for the enterprise: Managing Risks - Reaping Rewards", by Dan Woods and Gautam Guliani, goes a long way in convincing the reader that open source software is a viable and cost effective alternative in the enterprise. But not without adequate preparations!

The book opens in Chapter 1 with "The Nature of Open Source". I really like the detailed discussions on topics such as what is open source, where does it come from, how does it grow, how does it die. Chapter 1 ends appropriately with specific consideration of each type of risk associated with open source software and comparing the nature of these risks with comparable risks on the commercial software sector.

Chapter 2 is essential for decision makers in corporate and governmental contexts: "Measuring the Maturity of Open Source". There are clues, factors and best practices one can evaluate in order to develop an informed judgement on the maturity of specific open source software communities. Taking this rational approach moves the use-of-open-source-software-in-the-enterprise discourse away from irrational fears and unfounded beliefs by providing a rational basis for objective evaluation. Using this approach will yield widely varying results depending on the open source software evaluated, reflecting the reality that not all open source software is equal...

Chapter 3 addressesthe open source skill set challenge. Running an IT Department that is resourced to support open source software is different than IT Departments solely responsible for network stability, deployment, upgrades and patches, etc.. The authors describe how to prevent an "open source nightmare" by carefully assessing the skills required as a function of the maturity of the open source software adopted.

Chapters 4, 5, 6 and 7 are helpful and necessary for managers seeking to introduce open source software:
  • Making the ROI Case
  • Designing an Open Source Strategy
  • Support Models for Open Source
  • Making Open Source Projects Easy to Adopt
Chapters 8 and 9 were an eye opener. I knew little of open source licenses. Acronyms such as BSD, GPL, GNU... were alphabet soup. The authors succeed in making the subject not only readable, but very interesting. Chapter 9 alone, on the "SCO Crisis" (when SCO believed it held the original patents and intelectual property rights to Unix and asked all Fortune 500 companies to pay $699 per CPU running Unix), felt more like a novel and should be made into a movie!! You heard it here first... ;-)

The book ends with Chapter 10 on Open Source Empowerment, placing everything into context and giving some insights on how to make it all happen; and with six annexes including helpful reviews of individual open source software packages by categories.

From O'Reilly, ISBN 0-596-10119-8.