If you're working for an organisation which traditionally uses proprietary software instead of open source based solutions, they might be doing that for the wrong reasons.
Organisations who have traditionally worked with well established software providers like Microsoft, Salesforce, Oracle, etc apparently still feel uncomfortable purchasing an open source based solution. Proprietary software manufacturers play on that, as was clear when listening to Gary Tyreman, CEO of Univa. In an article in CMS Wire he claimed that proprietary software is safer, and more bug free than open source software.
Obviously, as CEO of a company that provides proprietary software, he's expected to be biased and is just playing his role. It's though eye-opening, that Univa is relying heavily on open source solutions on its own website. Clearly, the statement is purely marketing and inside Univa they know better. Matt Hamilton, Technical Director at Netsight took a closer look at the Univa website and found out that:
But still, as our solutions are based on Open Source, we, at Code Enigma, might be as biased as well. So lets take a closer look at the arguments Gary Tyreman made:
"Free Open Source Software (FOSS) is particularly dangerous because if something breaks at a critical time, you’re out on a limb and there may be no one to call for help"
So what is being said here? If you choose a proprietary software package and have a problem, you can just call the vendor and get help right away? Well, anyone who has been in this situation regularly knows that the Microsofts of this world aren't really sitting there waiting for you to call. Maybe if you're a Fortune 500 company you do get the premium client customer service. But how many of us are working at Fortune 500 companies? Also, in case your vendor's customer service doesn't live up to your expectations, who do you contact? You only have two options: You accept the bad situation and just learn to live with it, or you go for another vendor, which implies having to go through the painful process of switching systems.
Now lets take a look at open source based solutions. Many professional service and software providers (yep, including ourselves) do offer professional and reliable support. The additional advantage of an open source based solution is that, if the current vendor doesn't live up to their promises, you can just select another vendor that works with the same open source technology which can take over the current system. AKA vendor independence. Read: no painful migrations, no long technology review process, no time spending staff training programs.
Still, Tyreman's argument shouldn't get open source companies defensive. I would just recommend our potential clients to take a close look at the support offering of your potential vendors. And to ourselves, I'd recommend to communicate better on our customer service offering. Lesson learned!
"Open Source software, by its very nature, is still in production and therefore unstable."
At Code Enigma, we use the php based CMS system, Drupal, to develop our client websites. Drupal is open source. Ensuring Drupal is a stable CMS framework is one of the responsibilities of the Drupal Security Team. This group of 40 Drupal developers, selected by the Drupal Association is in charge of resolving reported security issues. Before we compare these 40 people to the number of staff software developers might employ, you need to take into account that Drupal.org currently has over 25 000 developers registered. That community is an incredible asset. Which proprietary software is being scrutinised day by day by 25 000 well trained pair of eyes? And when these people identify a security risk, a dedicated team goes out and solves it.
Many companies, like ourselves, offer maintenance contracts which ensures these security fixes are being deployed on your site within a reasonable time. So there is no need for open source software to be unstable. But what about proprietary software? If we take a look at the support page of Windows Server we see in 2013, Microsoft issued 15 updates already, off which 13 included updates to the security content. The fact that Drupal or Windows continuously updates its systems security doesn't make it insecure. It's just good housekeeping. And it's a challenge tackled by both proprietary software as well as open source software.
About the criticism that open source software is continuously in production, that's a matter of perspective. I'd rather say that the software is continuously improved and enhanced. That doesn't mean that what was there previously wasn't "production-ready". When we deliver a website based on Drupal, that site will be stable and based on the state of Drupal at that moment. Future changes will not affect that single site. It will just deliver us more tools and options for future projects. Previous projects will only be impacted by security updates, but this isn't an exclusive characteristic of open source. Remember the large number of security updates from Windows Server mentioned above.
"Proprietary software has less downtime with it"
How many times have you clicked on the "send error report" button in a proprietary software program? Do we really feel like proprietary systems are that reliable and always up? That's definitely not my experience in the 11 years I worked in a traditional large corporation that relied on proprietary software for the critical enterprise workflows. And even if you get feedback with a proposed solution from your vendor, what if that proposed solution doesn't work on your machine? You're out of options.
Apart from the apparently inevitable freezing of many proprietary software, they're also popular target of viruses. And who will disagree with me that security attacks cause downtime.
Let's remember again where these arguments came from. Univa uses open source software as backbone for its commercial website. Their website is their sales channel. If that sales channel wasn't continuously available (known as "uptime"), that would directly affect the company's income. Would any serious company put their revenue generator at risk by basing it on technology that causes larger downtime?
Again there is a lesson learned here. As a service provider, we should consider publishing uptime of our hosting clients. We'll sure look at that in the future. (Watch this space, I would say)
"Open Source software has a lack of ease of use"
When searching for a new software solution, and you find:
- a finished product
- 100% compatible with your in-house systems
- with ALL the requirements you need
- with a good support package
- at the right price point
- not flooded with features and functions you won't ever use and will difficult the user experience
Well, if you can tick all the boxes, say no more. Go buy it.
But how often does that happen? Too often though, users of Open Source solutions think it's free and cheap. Well, the nature of open source software is that it's not an out of the box solution. So you aren't really comparing two exact same products. Part of what you save in software licenses, you should spend on customisation of the solution. You probably won't save huge amounts of money (a common misconception on open source based solutions) Rather, you will end up with a high quality product that will closely match your requirements, designed with your user experience and company specifics in mind for a similar price of an off the shelve solution that does only match part of your requirements. Just take into account you'll have to spend a bit more effort during the set up phase to investigate what your exact requirements are.
Finalising these ideas, we're comfortable we have a strong, reliable and cost effective alternative to closed source or proprietary solutions! If you still have doubts, feel free to comment or contact us.