Jonathan Rochkind has written an awesome article for Library Journal about risk management when it comes to open source software. Jonathan walks librarians through all of the levels of risk you might be taking choosing open source software - most of which are the same as the risks you take with any software (for home, office or library). He also defines the different levels of open source software you’ll find out in the wild:
- Homegrown products are used and developed by only one or very few libraries. They are usually written to meet very local requirements without much effort to generalize and are supported by the same local staff who wrote them. A risk of homegrown software is managing the transition when that original staff leaves.
- Community support products have a thriving network of users and developers across a variety of institutions. A community of users and developers is, of course, not contractually bound to provide help, but many open source products have strong groups willing to spend time helping you for the greater good of the project.
- Vendor support products are backed by paid commercial contracts available from companies in the business of supporting open source products. Even though these vendors don’t own the software, they provide technical help for the software via contract, very much like a support contract for proprietary software. In the general market, a well-established and successful example is Red Hat Enterprise Linux, a variant of the open source Linux OS, for which the Red Hat company offers support contracts.
He then breaks down the different risks associated with the different types of open source software, reminding librarians that:
An open source evangelist (and I include myself in that category) would be doing a disservice to the library community and to the success of open source if they were to dismiss the existence of risk in open source and ignore the different natures of those risks. It’s true that open source software and support may not be appropriate in every situation, but it’s probably also true that in any organization there are some appropriate circumstances for the right open source software. Even the most risk-averse organization may be well served by an open source product with the right vendor package. Remember, an open source product with vendor support is not inherently any more or less risky than a proprietary product.
Make sure you read the entire article and share it with the skeptics in your organization - education is the only way to fight ignorance and skepticism.
Technorati Tags: open source
Comments