The business value of corporate IT has never been greater. Whereas in the past most aspects of IT were fairly isolated relative to the broader organization, personnel in every department now rely heavily on a huge spectrum of IT tools to conduct their day-to-day job responsibilities. Beyond this, company leaders and personnel now regularly turn to the IT department to lead and contribute to innovative business strategies, rather than simply supporting such efforts after the fact.
This puts a tremendous amount of pressure on IT teams, which need to step up their performance to meet growing demands. With this in mind, it’s no surprise that a growing number of businesses are turning to open source solutions to meet their software needs. Open source offers tremendous efficiency and performance advantages. However, security remains a concern that any firm using these solutions needs to acknowledge.
“71 percent of companies’ developers are struggling to meet business users’ needs on time.”
Open source advantages
A recent survey from Mendix put this trend into perspective. As SD Times contributor Alex Handy reported, of the 470 surveyed organizations, 71 percent of companies’ developers are struggling to meet business users’ needs on time, 82 percent had project backlogs and 89 percent were unable to reduce their backlogs year-over-year.
As Gottfried Sehringer, vice president of marketing for Mendix, told the news source, these statistics are part of a broader pattern.
“One of the reasons is demand keeps growing. In particular, in today’s era of digital transformation, companies are looking for more applications, more multichannel applications,” Sehringer said, Handy reported. “There are fairly urgent business needs that keep putting pressure on the IT side. That pushes the backlog to grow.”
Open source solutions maximize efficiency while allowing developers to meet business needs. And thanks to the collaborative nature and widespread use of these options, open source reliability is at least comparable to, if not greater than, proprietary software.
Further supporting this notion, a recent Ponemon Institute survey of nearly 1,400 IT professionals found that more than 70 percent believe open source solutions offer superior control than proprietary counterparts, eWeek reported. This makes open source ideal for meeting organizations’ unique business requirements.
That being said, there are still significant security issues that companies must grapple with when it comes to open source software development.
The most obvious examples of open source vulnerability are Heartbleed and Shellshock, both of which struck tremendously popular open source offerings in the past year. But these were not the only open source vulnerabilities to appear. Writing for Opensource.com, Red Hat’s Gunnar Hellekson asserted that both open source and propriety software will always experience flaws. However, he asserted that it is possible to minimize these threats.
For one thing, Hellekson emphasized the value of developing policies and strategies to help companies respond in the event that a vulnerability is discovered.
“Static code analysis tools reduce the risk that errors will appear in open source code in the first place.”
The writer also pointed to tools such as static code analysis, which can significantly reduce the risk that errors will appear in open source code in the first place. A recent article from GCN’s Brian Robinson struck this same note, calling for greater use of software scanning solutions in light of the vulnerabilities discovered in 2014.
Additionally, companies should consider investing in open source scanning and governance tools, which can further help IT teams to determine where and how open source software is being used throughout the organization. Without this insight, it is difficult, even impossible, for IT security personnel to ensure that the company’s software is fully protected and complies with all relevant regulatory standards.