Open Source software projects and FOSS (free open source software) governance policies are becoming more visible at companies like Capgemini, Cisco, CompuWare, EDS, HP, IBM, Microsoft, Oracle, SAP, Sun, etc.

The news about Microsoft’s Open Source Web Platform Installer probably took a few people by surprise this week. Game plans and strategies are changing quickly, and enterprise open source governance policies (PDF) may need to be reviewed or revised to keep up with the rapid pace of change. Projects like FOSSology and FossBazaar are designed to grapple with governance issues.

Open Source in the Enterprise – 2008, an O’Reilly Radar Report starts with the question/premise: “It’s no longer IF, but HOW?”  O’Reilly’s new report is for CIOs, CTOs, IT managers, and business owners who want to make smart decisions about deploying open source. (Disclaimer: O’Reilly makes money selling books about open source software.)

So how do you use open source software in your business? How do you define policies for using open source? How do you govern IT? What are the best practices in the industry today?

The O’Reilly Radar Report, Open Source in the Enterprise – 2008, is authored by Bernard Golden (CEO of Navica).

Mr. Golden starts out by telling us that open source is “growing at a compound rate of 55%”. The number of projects hosted at SourceForge has grown from around 12,500 in 2000 to nearly 200,000 by year-end 2007. However, Mr. Golden also reminds us that Open Source adoption statistics are not very reliable at this point:

It is extremely challenging to assess how much open source is being used within enterprises today. One of the traditional methods of use identification (vendor reports) is missing, as most open source software is downloaded anonymously and copied/redistributed extensively. Self-reporting by enterprises cannot be relied upon, either, as many companies are unwilling to self-report in the interest of avoiding conflict with existing vendors or keeping competitive information confidential.

He goes on to explain his method of research, which involved examining job posting data — looking for tell tale markers of Open Source adoption in various enterprises.

The report lists 6 drivers for Enterprise Open Source Adoption, and follows each with case studies, and analysis of best practices:

1. Agility and Scale ( case study – PayPal)
2. Quality and Security (case study – Coverity)
3. Breaking Vendor Lockin (case study – Kaplan test services)
4. Cost (case study – Big Lots)
5. Sovereignty (case study – open source in Brazil)
6. Innovation (case study – AMQP at JP Morgan/Chase)

The O’Reilly report concludes with details on how to create an Open Source Action Plan.

The critical task at this stage of open source use is to bring it into the open and recognize that it will be an important part of IT initiatives going forward. Don’t underestimate this issue: a recent CIO magazine survey found that about 50% of enterprises claim that they are currently using open source, while 45% cited support concerns as a reason restricting its use—whereas the reality is that nearly every IT organization has open source running today. The first step to solving a problem is confronting it, and the challenge for early open source users is to be honest about their actual circumstances.

I found the report to be well researched and written in a non-technical, jargon-free manner. The case studies are helpful. You might find the report helpful also.

Disclaimer: The values, viewpoints and opinions expressed are totally my own, and do not necessarily reflect the values, viewpoints, or opinions of my employer, clients, suppliers, or any other affiliation.