Drive to Open Source Software Highlights Unmanaged Security Issues

Open Source is free, right?

Open source software has long been integrated into IT across the world – the click through licence agreements that we all scroll and agree to when downloading and installing applications such as Apple iTunes essentially contain the elements of open source within this.

But now, organisations across the world (and this includes governments and its branches) are being told to seek out utilising open source software as a ‘free’ alternative to commercial off the shelf enterprise software.  Within the NHS this is cost issue, but within their programme they have also discovered that ‘free’ might not be quite as ‘free’.

Legal – Security – Operational

The bad news is that there are over 2,500 licence agreement types within the open source community and all of them have varying degrees of obligations on the end users that need adhering to.  Open source communities develop and update code and share with the wider community, but not all projects are widely supported and due to the open nature security vulnerabilities may become more obvious to penetrate.  In recent years the likes of OpenSSL has driven such issues as HeartBleed which compromised the security of SSL across the world which needed addressing.

The good news is that SCC has developed a solution to help manage the use of open source software through education, policy and process governance and technology based services to understand, mitigate and remediate risks.

Contact SCC to help you optimise your SAP usage and increase your efficient processes around Adobe software procurement strategy through our SCC Software Asset Management services.

e: [email protected] t: @SP_SCC_SAM