Home / Blogs

Buying Open Source… It’s a Different Ecosystem

A lot of organizations are interested in open source software, but fail to give it a fair chance compared to proprietary solutions. One reason for this is that the typical invitation to tender process puts open source at a disadvantage. Open source, as it happens, is made in a different ecosystem.

The software acquisition process often focuses on licenses, and this is where the first mistakes are made. Recently a (Dutch) municipality burned its fingers because they asked directly for Microsoft licenses in an invitation to tender. It is also common that organizations ask for experience with licenses that represent a certain turnover. But how many vendors have ever earned money on licenses of open source? None. So who has the money to respond to such invitations to tender? Nobody!

Beyond licenses, an organization wants software support because this guarantees the continued useful deployment of this software. For proprietary software it is necessary that their vendors provide long term support, because no one else provides the software. The management of this risk demands that you ask the relevant vendor for guarantees. Even then, this is not always sufficient. For example, organizations that still run on Siebel or IBM OS/2 still have a problem.

Open source does not have such vendors (yet), and demanding long term support will then put open source at a disadvantage and actually tries to solve a problem that does not exist. If you want to change support vendors for open source software somewhere during the software lifecycle you just do it. Mature risk management of open source will lead to more important questions. For example: is there a good and functioning community of supporters, and will it continue to be so in the future? We then find that there are large differences between the various Linux distributions, for example, with regards to the size of reference implementations and the speed with which security issues are patched. Different ecosystems, different risks, they ask for different risk control measures.

By Peter HJ van Eijk, Cloud Computing Coach, Author and Speaker

Peter HJ van Eijk is one of the world’s most experienced independent cloud trainers. His website can be visited here.

Visit Page

Filed Under

    CircleID Newsletter The Weekly Wrap

    More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

    I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

    Co-designer of the TCP/IP Protocols & the Architecture of the Internet


    Comment Title:

      Notify me of follow-up comments

    We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.



    IPv4 Markets

    Sponsored byIPv4.Global

    Threat Intelligence

    Sponsored byWhoisXML API


    Sponsored byVerisign

    Brand Protection

    Sponsored byCSC

    Domain Names

    Sponsored byVerisign