Welcome to Issue 2 of the IT Leaders' Open Source Newsletter. If you missed issue 1 then follow the link here. This month we turn our attention to Open Source policy, not the most riveting topic, however in a world where governance and compliance sit firmly on the executive agenda this is a really useful read.

Thanks for your feedback from last month! As as a result, we have shortened the email version of the newsletter with links back to the website. As always, your feedback matters and we welcome guidance on what topics you'd like to see some focus on.

Whichever end of the open source advocacy spectrum you sit at, you need an open source policy. The larger the IT operation you have, the more important it is to inform your people where you stand as an organisation with respect to open source and what is acceptable in terms of use. We all understand the internet and email as powerful business enablers, but we also recognise the need to protect the organisation from the risks they pose with well stated policy for staff. Ok you can use technology to provide some degree of compliance and of course common sense should prevail, however, the boundaries around use need to be clearly marked out.

In the same way that open source is a business enabler, there is also the potential for it to bring risk into the organisation if its adoption is not backed by clear policy. The principal risk rests with organisations that employ the services of developers. This may be internal or as part of an outsourced agreement for services.  There are two issues that need to be taken into consideration:

Where do your developers get their code? 

Is there a possibility that they are reusing open source code within your applications? This would potentially tie you to the terms of the license under which the code was released. That may not in itself be an issue. It becomes an issue more if you are distributing software outside your organisation and you are not aware that you are potentially infringing the terms of a license. There are tools to check your exposure this type of risk. We believe this should be an important focus for any organisation that distributes software. Black Duck Software and Palamida offer solutions in what is termed the Intellectual Property compliance space. Their software actively looks for open source code signatures to alert your organisation where you may be using and potentially infringing on an open source license.

What are your developers releasing into the community?

This is definitely not a problem unique to open source software. The plethora of technical forums on the Internet today contain a mass of fixes, code snippets and potentially sensitive corporate data. Your technical people work hard and often long hours and it isn't unknown for them to drop some of your sensitive setup information directly into a forum with information about your setup. Fortunately, these forums tend to be pretty diligent in terms of pointing this out to the wayward cut & paster. You will also often see where, for convenience, users have IDs that look remarkably corporate in format.

These are clearly side effects of the widespread Internet in business and something we address in our IT policies. The real issue here is around developers contributing code to the community that may infringe either your or worse still someone else's intellectual property rights. Now that shouldn't be a basis for you not to have developers taking part in communities and helping shape projects. It should however be a basis for:

We can help build open source policy and there are tools to help enforce and control its deployment within an organisation. OpenLogic provide a toolset for delivering and managing open source software both at the server and the developer desktop. This is a proprietary solution to the open source challenge, but an interesting toolset nonetheless. We see this as an enterprise level solution although smaller organisations could likely leverage the support, indemnification and deployment approach. With technical policy building capability across projects and even licenses it may well be the ideal toolset to enforce you open source policy. An interesting proposition which supports over 200 open source projects. If you engage in Enterprise Java development then it putting OpenLogic on your radar. It may well help you better control your development operation.

If there isn't enough here to shape your policy, then contact us about the strategy and policy guidance we can provide. We believe a well balanced and focused open source approach will give your organisation the ability to create a more flexible IT services portfolio. Your policy and strategy should be the bedrock of this.

Following an extensive survey, Dell have decided to ship PCs with Linux pre-installed. Ubuntu is not the only distribution they are looking at but as one of the consistently most popular distros it's good news all round. This is not the first time Dell have tried this and previous attempts fell fairly flat. Maybe their habit of loading a stack of Dell helper applications ruined previous attempts. We suspect it has significantly more to do with demand though. Let's hope they don't sully a perfectly good Ubuntu installation with a stack of annoying software that expires in six months. Let our message be understood as a big thumbs up for Dell and we hope plenty of consumers buy into this.

More and more CIOs should be asking themselves the question as to when their time for Linux on the desktop will come. If you read last months commentary on the Peugeot deal then you should be asking yourself how they are managing this at Peugeot? Do they have something unique in their requirements/approach or do they know something you don't? We'd like to think they've seen the opportunity that a Linux Desktop presents. Do you really need to blanket replace desktop hardware again or can you give your users an upgrade in operating system and extend the life of your kit? That's a fairly significant saving beyond the licensing if you can get this right.

So what about the Dell deal? We believe they've seen the opportunity behind this distribution. It was the first we loaded with pretty much everything working out of the box, which is some achievement. Wireless works nicely and the selection of installed applications presents something you can look at and say 'I can work with this'.

How does that translate into the corporate arena though?
How do you manage a Linux desktop?

There are a lot of boxes to check in terms of Anti-Virus, personal firewall, software management, policy management etc. If you are considering Linux on the desktop then don't ignore this 'not for corporate' distribution. We'll put money on these guys being an enterprise desktop player going forwards. It's a polished offering, with a thriving community built on the rock solid Debian distribution. Having worked with it for some time now as our business desktop environment, we're suitably impressed.

However, the step from small business to large enterprise desktop deployment is a big one. We don't believe any major desktop implementation will be easy, but we do believe it is achievable. So before you commit to the Vista upgrade, go out on a limb and try a small pilot. There are technical challenges in every business desktop deployment, don't assume the Linux challenges will be any more or less difficult than Windows.

How many of you out there have an odd looking badged box in your equipment room that costs your a small fortune every time something needs changing? Telephony hardware is expensive and the skills are expensive too. It's no surprise to us that we're starting to see some reported successful installations of open source telephony. Expect to see us ranting about open source telephony in future issues of this newsletter. Expect to also see us offering solutions in this space.

We were pleased to see this one appear on the IT Manager's Journal. O'Brien Automotive Team is a large dealership in Peoria Illinois. They've deployed Asterisk the open source PBX (Private Branch Exchange) to support 200 users in the organisation. Read the full story here.

Now that may not set the telephony world alight, but it's a positive step and they are not alone worldwide. There are a lot of organisations of this size and smaller wasting money with poor proprietary technology. Asterisk has a very large community with around two thirds of new features coming directly from it. As a project there is significant potential for Asterisk to deliver the next major innovations in telephony.

Now if you're a large player with a lot of telephony kit, then this is a space you need to monitor. You likely have a rack with an old version of Solaris running under the badge of a well known telephony vendor. You pay vast amounts for the kit, support, skills and upgrades. You likely also have separate kit for voicemail, conferencing, IVR (Interactive Voice Response) and maybe even ACD (Automatic Call Distribution). They're just applications sitting on telephony servers that happens to cost you a fortune. Asterisk can deliver the same services on commodity Intel hardware. Now it may be a little too soon for the huge call centre, but get an install in your lab and get testing. This is the future of business telephony.

Tuesday the 8th May saw us release our first whitepaper at mycustomer.com through their popular e-supplement. If you want to get a copy of the whitepaper, then you can get it directly from our website here. If you get the email version of this newsletter, then use the link there to avoid filling in our data capture form.

The whitepaper takes an in-depth look at open source CRM and reviews the business benefits to your organisation. It will answer questions such as:

This is an excellent look at a rapidly growing area of CRM software and positions open source CRM as a compelling business choice - a must-read document.

>> back to top

..is valuable to us. If there are any topics you'd like us to focus on within these newsletters or you have suggestions to improve the content then please let us know. Drop us an email at newsletters@hubstone.co.uk. You can also provide anonymous feedback online using our new form here. Please forward on the following link to any colleagues you think may want to subscribe to our newsletter.

Until our next instalment

The Hubstone Team