4 reasons why people should stop associating open source with a lack of security

Reducing operational IT expenditure whilst increasing the level of security and software capabilities is a top priority for most enterprises. As a result, more and more enterprises are moving into the open source space looking to take advantage of the benefits it offers over traditional forms of software.

Open source solutions can be modified and adapted to fit the needs of various companies – something that’s not possible with proprietary software.

Today, the open source model is much better understood, and organisations consider it vital to the future of digital business and government services. A recent survey found that more than 50% of respondents are moving into the open source space.

Yet, despite growing acceptance of open source, organisations are still concerned about security. Here are four reasons why organisations have little to be concerned about.

1. The open-source community is protective of its reputation

The large global network of contributors in the open source community does extremely high-quality work, and they are very protective of their reputations. Because the entire community can see their work, their professional credibility is on the line every time they release code – so they will not release code with their name on it until they’ve thoroughly vetted it.

Increasingly, these communities are widely recognised as a vibrant resource that can help organisations develop more robust code, faster fixes, and even innovations and improvements that enable new services.

In a proprietary model, the software is only as good as the small set of developers focused on it. Organisations that lean on third-party vendors for their proprietary software may feel more secure, but that security is an illusion. In the name of proprietary IP, vendors can easily shield enterprise customers from finding out whether their code has security holes – until hackers start exploiting those holes.

2. Commercial open source is the best of both worlds

Organisations that leverage commercial open source software benefit from the best of open source and proprietary models. Enterprises desire a development model that fosters ongoing innovation.

In the open source development model, organisations can contribute code tailored to their needs back to the project. With commercial open source, any new code is put through a rigorous quality assurance (QA) process to protect the security of enterprise customers and their end users.

Modifications that have value for the wider base of enterprise customers are vetted and then accepted into the code base by the community. Maximising the value of open source requires a strong relationship with a commercial open source vendor that encourages community creativity and contributions.

Enterprises are also able to contribute code to support their businesses. Commercial open source vendors provide the support and rigorous product development process, including testing against databases, containers, and QA, which are typically provided when developing proprietary software.

3. Digital business and citizen services need open source

The most important question confronting governments and businesses today is how to continue transitioning into the digital age. Existing technologies struggle to keep pace or fall behind in breadth and depth of capability.

Utilising open source can be a critical enabler for accelerating the rate of change for the new customer-centric digital experience. Open source development models provide the flexible open architectures and limitless scalability that are essential to building innovative, agile, and robust solutions with ease and speed.

4. Open source brings high levels of security and innovation

If an organisation isn’t already using open source, it may be behind the times. The success of open source should be determined by its ability to provide a high level of security and innovation.

Open source provides security validation through its transparency, something proprietary software cannot do. Gartner predicts that by 2016, 99% of the Global 2000 will use open source. Andrea Di Maio, a Gartner analyst, noted open source is becoming increasingly popular with governments as they look for ways to reduce spending and increase efficiency. This wouldn’t happen if it wasn’t secure.

Enterprises need to consider these advantages of open source. In today’s world of ever-growing digital businesses and services, commercial open source provides a platform for organisations to focus on providing value to customers and increasing revenue streams.


Sourced from Neil Chapman, ForgeRock

Ben Rossi
