Category Archives: open source

Is Open Source Saving You Money?

May be. But here is an interesting conversation I had with a guy who worked for me in the past. Recently he contacted me to suggest technical solution for something. He also said “I would like to know whether any freeware which would address this kind of requirements”. I replied him pointing to a webpage that contained a lot of commercial and open source solutions. And asked “Why are you looking for a open source? Is your customer not ready to pay for commercial software? :).” (If you read this carefully, you would notice I used freeware and open source interchangeably but that seems to be usually the perception to many anyway).

The reply to my email mentioned “The reason why we were thinking about open sources is that , We can customize open sources as per our requirement and absorb the license cost into services . Also, We can delink any technical risk which could be faced by customers. It was purely a cost benefit option in terms of customer and implementing partners.”

So the interesting observation for me is that next time a consulting firm recommends an open source solution, realize that the reason for that is not entirely the benefits of open source over a commercial solution but the fact that the consultant might be hoping to get the license piece of your allocated budget moved towards consulting service!

Interestingly in this specific case, they went with a commercial solution as they couldn’t find a similar open source alternative. Perhaps the estimated consulting cost outweighed the cost of licensing.

The intent of this post is not to mention that open source is not the right way to go but to make people realize why someone might propose going with open source solutions.

Advertisements

Leave a comment

Filed under open source

Why Is Open Source Less Secure?

Recently phpbb got hacked. Then, I just read the slashdot post How To Argue That Open Source Software Is Secure?.

Would a bank not have a safe with secret access codes just because it has installed the latest high-tech surveillance system?

What I am trying to say is, if a closed source software company argues that “hae, our software is likely to be more secure than an open source code because we don’t give out the implementation details”, then all things being equal, it’s a very compelling competitive advantage as far as security is concerned. Of course, “all things being equal” is not true. For example, the time to respond to a security bug for a commercial software might be more than for an open source code. This is because the number of eyes that can look at the code and fix the issue is a lot for open source project. But do note that the number of eyes that can look at the code and identify potential loop holes are also plenty.

So, I think it’s important for each side of the aisle to realize that their philosophies offer different comfort levels to their customers rather than each one expecting the other side not to consider their philosophy has any weakness.

Leave a comment

Filed under open source, Security

Open Source Doesn’t Lock You In?

Today, I saw a post on Craigslist with the statement

“We believe they should investigate vendor developed and or vendor supported open source accounting/ERP software to avoid lockin and associated cascading fee. ”

That got me thinking and writing this post. I am familiar with the technology and functionality used by a few open source softwares. And ofcourse, I am also familiar with the commercial ones.

The above statement on the craigslist post mentions “to avoid lockin”. Now, what exactly is concerned as a lockin to be concerned about?

Let’s see. Any enterprise application, be it open source or closed source, requires a few key components. And they are, the operating system, the database, the middle-tier server and finally the language to write the application. Those familiar with the LAMP (or WAMP) knows I am referring to for example, Linux, Apache, MySQL and Perl/PHP/Python combination. Ofcourse, it could very well be Tomcat for Middletier or Ruby for programming language. But the point is, that these 4 are the key components to build an enterprise class application.

Some of the open source products I have evaluated stick to a single programming language. Few of them offer database independence, but at the cost of not being able to make use of some database specific optimizations. But let’s ignore that for a moment. Now, what would a company evaluating for a enterprise software consider a lockin? Is it if all of the above key components are not interchangeable? Is it if only some of them not interchangeable?

Now, let’s look at each of the component.

Programming Language: Most open source applications are developed in a single language. And it’s not possible to start using one of those open source applications and all of a sudden, just because your internal IT staff is familiar with a different language, expect it to be available in that too. Ofcourse, chances are the IT department wouldn’t have picked an open source application whose language is not familiar to them, the same way as a CIO wouldn’t pick a commercial enterprise vendor unless he is familiar with that vendor in the past life or has a buddy working at the vendor offering all kinds of incentives however little they may be. But, what happens when the original IT staff moves out, downsized or moves into management roles? Who are going to handle your already existing open source application written in a language that is either alien or frowned-upon by the current IT staff?

Application Server: Most open source applications go with a java server or an apache module/cgi. This means, you are already committed to using one of them. It’s just that by starting to use one of them, your decision making has been made easy in the form a pre-requisite. I mean, would you question if your favorite open source CRM application says that it needs Apache to run it, “why can’t it work with my existing tomcat installations?”

Database: There are a few database independent drivers that enable applications to be written such that it’s database independent. However, remember that the open source application vendors don’t have the resources to test it with all possible combinations. While they can claim to be independent of any of the database, their testing and main-stream support is limited to only one of them. The one that most people just follow without questioning, yet thinking they have the choice to do whatever they want.

Operating System: Apache and Java server already make the operating system transparent in most cases. Most of the commercial vendors offer equally good support for multiple operating systems as their open source counterparts. Ofcourse, Microsoft is the only exception.

So, next time some one tries to tell you that by moving to open source you won’t be lockedin, think carefully what that really means to your organization. Infact, what really matters is to standardize these 4 key components within your IT infrastructure such that you get scales of economy.

1 Comment

Filed under open source, Open Source CRM, Open Source ERP

Open Source & CIO Pays

We all know the economy is bad and we are in a recession for more than a year, but came to know about it just now, after the elections (almost as a conspiracy). And with so much meltdown there is an outcry on the CEOs pay, their way of reaching Washington for a bailout (flying corporate jets vs driving hybrid cars).

When discussing this CEO pay issue with friends, I thought that the reason that it will continue to be high and nothing can be done is because the stock holders, a major portion of them who are institutional investors like mutual and hedge fund managers probably don’t bother to care about restricting the CEOs pay because it’s going to come back and bite them when they take their hefty bonuses for the fund performance during the good years (and probably bad years as well which really upsets the common public myself whose retirement savings plummeted by half. But apparently, the real reason is that the shareholders in the US don’t have a say on the executive compensation like it is in the European countries where the ratio of salaries of rank and file employees to their executives is much lower than in the US. Hence, the “say on pay” proposition. Need to see where it goes.

Anyway, after following all this, when I recently read an article on how the companies are cutting their IT spend by adopting more and more open source, it got me thinking about the Open Source and the CIO pays.

Here is the thing. If you are a business owner and you find that you are paying 10 times more for the personnel to maintain the software than the licensing cost of the software, how would you feel? I mean, if a medium to large company uses a software like Oracle, SAP or Microsoft’s enterprise software, the cost of the software license and support is much more than the salaries of the people to manage those applications. But if the IT guys start using open source software and reduce one part of the equation, what happens to the other part? May be that’s when the CEOs will realize the extra overhead and move to SAAS and keep the IT staff to none or minimal?

Let me see, if a big company starts using SAAS for all of it’s IT requirements including email, collaboration and enterprise applications (ERP, CRM, HCM and Financials), then does it need a CIO and pay him a heft $250K salary or more?

Desperate times need desperate measures. As some political person said during the bailout discussions “the party is over”. The good for nothing and old style management should stop justifying their very existence and start embracing the new ways of doing business. It’s sometimes sickening to see a handful of people doing real work and more than double that number just introducing process after process, that seldom really works, to justify their job roles and compensation.

Leave a comment

Filed under Executive Compensation, open source, SAAS

Number Of Downloads, A Stupid Metric

Some of the software companies that adopt open source as a marketing strategy advertise that they have so and so number of downloads. A great example of that is Compiere boasting about 1.3 million downloads at present for example. My question is how many of these downloads are

* specific to each release?
* downloaded by competitors?
* downloaded by developers who are just curious?
* potential customers downloading to evaluate but never proceed beyond that first installation and playing around, if they manage to get to that stage?
* it’s easy to manipulate Alexa traffic range very easily by installing the Alexa Toolbar and reloading a website a few times a day from multiple computers (different ips). So, what makes someone not do the same with a bot and increase the download count on sourceforge.net?

Well, I am not accusing any specific company or community about any malpractice, but number of downloads doesn’t really tell anything about a software product. But I guess, any stupid metric becomes a sensible metric on a relative scale. I for one, won’t bet on the number of downloads to decide if I should invest in a specific software.

Leave a comment

Filed under open source

Open Source And SAAS

Based on the recent move by an open source company to offer it’s product only as a SAAS, it got me thinking about that move. What does it mean to the people who are interested in contributing to the software?

Open Source has several benefits to the people using the software, some of which are

a) if the company goes bust, the code is accessible to continue further
b) if there is a bug, access to the code makes it easy to fix it before it’s available through the vendor
c) review of the code from multiple developers reduces the security issues
d) and also, new features are likely to get added faster through contributions

Now, if the vendor chooses to make the code available to customers only as a SAAS application, then what incentive does the ecosystem supporting that software have any longer? For example, some one interested in consulting can’t do that any longer as the customers are not installing but using the SAAS offering. System Integrators have limited opportunity, if any, to develop and make money out of integrations.

So, it makes me think that an open source company choosing to provide only the SAAS model is at the risk of losing the developer community. Interestingly, right now both Open Source and SAAS are two interesting buzz words that the VCs are interested in. Lack of stellar revenue opportunity from Open Source model perhaps made some of the companies to mold themselves into SAAS providers (SAAS is perhaps inevitable even for their closed source cousins as well).

Leave a comment

Filed under open source, SAAS

Open Source Or Otherwise, Some Problems Remain The Same

When it comes to Enterprise Applications which is commercially dominated by SAP and Oracle, there are several open source solutions being developed. Some of them are trying to be the complete suite of applications like Compiere and the others more best-of-breed point solutions like Coupa.

Just like the CIOs and IT staff face with the dilemma of picking the best-of-breed commercial solutions vs going with generic but wide range solutions, same is applicable for open source as well.

Moving from paper based tracking to any form of automated tracking certainly helps. But for companies trying to go beyond the basics and have well integrated automations from procurement to payment, order (or even a quote) capture to fulfillment, there will be integration challenges to deal with if one were to go with best-of-breed solutions. Infact, one can even imagine a configuration where some of the best-of-breed solutions are commercial while the others are open-source!

In such a scenario, who will be building the integrations for these disparate best-of-breed open source applications? Would it make sense to bring in the big-5/4 there? IMHO, then that would defeat the purpose of trying to use open source with the intention of saving the bottom-line.

In addition, with open-source applications, there is no restriction on the technology components. One team/company can choose to use Ruby-on-Rails, while the other perhaps Python and yet another Java and may be even Perl. So, what a nightmare that would be to integrate these various different technology components into one single harmonious application. Of course, this is true for commercial counter parts as well. However, most commercial software typically goes with the main-stream technology, which currently is either Java or .Net.

There is no denial that the WebServices and the SOA are supposed to address this language/platform problems. However, it is yet to be seen how successful this route is going to be as many earlier attempts at seamless distributed computing (such as CORBA and RMI) never really worked well mainly due to performance. But even with WebServices and SOA, most of the open source enterprise applications are currently at a stage where they need to catchup and implement a lot of functionality and the least focus they have is to ensuring that their application is interoperable with other applications. That is not to say that they are not interested in that, but with limited resources, there is only so much that can be done and that would typically be on the core competency, the product itself and how many features it has as a standalone application.

But who knows, with the commercial applications already betting and leading their way to SOA enabled applications, the open-source counterparts will consider it as a part of the survival strategy than a add-on bolt. I see the same issue with business intelligence also where the main stream commercial applications have some in-built capabilities while the open source counterparts mostly lack them.

Leave a comment

Filed under application integration, Enterprise Applications, open source