Other IT executives are slowly moving to a more formal open-source usage policy. Robert D. Hirsch, vice president and CIO of specialty tool vendor QEP freely admits, "We do not have a policy for open source today. However, it is inevitable that we will need one. Our younger developers have been brought up on open source and see it as a way to build and prototype applications quickly."
Accidental Open-Source Developers
This touches on a side issue. Your company may not be in the software business, but that doesn't mean that your in-house developers aren't modifying open-source programs for your own internal use. That's not a problem by the rules of even the strictest open-source license. But if you ship a product that contains modified open-source code, you'll need to obey the license's rules or face possible legal consequences. Verizon, for example, ran afoul of this when it shipped wireless routers for its Fios (fiber-optic service) Internet that contained a GPL ( General Public License) program.
Some corporate executives, such as David Allen, CTO at Sparta Consulting, an SAP consultantry, are already painfully aware of the potential trouble with using and developing open-source software. "I am a big fan of open source, use it every day, but I'm concerned that too many CIOs do not have an adequate grasp on their responsibilities with the various licenses that we generically describe as open source. As a new CTO, I have taken the responsibility of creating our IP development standards/policies. Beware of trying to walk the line between 'use' and 'development.' The line between configuration and extension or development is fuzzy at best."
To avoid this kind of misstep, and to make sure that authorized in-house programs are green-lighted before going into production, Hirsch says his company plans to have its policy "state that open source can be used for experimentation, prototyping and investigative application development without permission. However, any production designed applications or utilities will require an approval by the CTO/CIO and the business owner before open source can be used in a production environment."
So long as you use any customized open-source software in-house, Gordon Haff, principal IT advisor for the Illuminata Group, doesn't see too much for companies to worry about. "Anecdotally, when I'm in an end user audience, I don't see much interest in or knowledge of open source software licensing nuances and issues. And, truth be told, for a lot of end users, it doesn't matter much. If you're strictly an end user developing software for your own internal use, you can use pretty much any open source software you like without knowing or caring about the differences between GPLv2 and BSD."
Sign up for CIO Asia eNewsletters.