Featured Article from Software Licensing
Unmanaged Open Source Software Creates Risks
The technology world is rapidly moving away from proprietary, legacy software development toward the open source model, driven by the cloud, the services and subscription-based pricing trend and a need for interoperability. But open source does not equal free, and in fact the whole notion of open source software (OSS) and development is somewhat cloudy and confusing.
A prime example of this confusion is Oracle’s recent move to enforce commercial terms for customers who were under the impression they were using free Java software. A recent blog post from Flexera Software, a company specializing in software licensing and monetization strategies for the digital age, discusses why the open source concept is so confusing and how the problem can be addressed. According to Jeff Luszcz, VP of product management at Flexera, many customers using Java believe the software is free, a misconception.
“The confusion lies with Java Standard Edition, available for download from Oracle’s website,” writes Luszcz. “If you only want to write a Java application, feel ‘free.’ The problem arises if you install that application on hundreds of desktops, requiring Microsoft Windows Installer Enterprise JRE Installer – which is NOT free to use… And it does not stop there. There are additional parts and editions of Java that are not free either.”
The Oracle Java confusion is merely one example of open source murkiness, but points to the larger problem of unmanaged OSS. Very simply, when an open source component is built into a commercial software product but unmanaged, it runs the risk of violating the open source license at a minimum, and containing a security vulnerability or risk in the worst-case scenario. And the sheer amount of unmanaged OSS in use today is threatening the integrity of the entire software supply chain.
The solution is proper tracking, management and monitoring of OSS and third-party components. Since just about every open source component comes with a license or some sort of governance, businesses are obligated to ensure they are meeting usage requirements and need a software licensing management offering to stay on top of this. OSS license compliance management education must also be part of any IT and technology strategy, and senior managers need to be informed about license compliance requirements along with the need for security and other updates.
Some companies are forming Open Source Review Boards (OSRBs), composed of technical, legal, IT and management personnel, to address OSS compliance requirements and security. A Software Composition Analysis tool is also useful for discovering and managing OSS and third-party components in use. This type of solution can also automate and manage the process of vulnerability alerting.
OSS is not always free, as the Oracle Java conundrum illustrates, and it is most definitely not free of obligation. Businesses using OSS and third-party components are responsible for staying on top of licensing compliance requirements in order for the software model to succeed. Failure to do so can lead to security vulnerabilities and fraud, putting businesses at risk and negating all the financial benefits of using OSS in the first place.
Edited by Maurice Nagle