On one side, IT managers benefit from the openness and flexibility of the code and its reduced costs (read: it's free). On the other, the report found that an increasing number of licensing and compliance issues could hamper further adoption of Linux , particularly in IT shops that haven't deployed open source in mission-critical areas.And things could get worse. Through 2010, Saugatuck expects open source licensing "to explode." "It will extend into multiple formats," said Bruce Guptill, Saugatuck's managing director of research services, "to the point where we will see users of a single solution from one vendor that contains open source code from multiple vendors being required to comply with multiple licensing terms simultaneously." Widespread adoption fuels licensing issues
First and foremost, Guptill said his firm's latest research indicates a "massive and rapid adoption of open source" and Linux in enterprises of all sizes. Approximately 24% of IT executives "always" consider and evaluate open source alternatives for IT solutions, and another 40% "frequently" consider and evaluate open source. "We see the use of open source, including for mission-critical systems [like Linux], growing very rapidly -- faster than any previous research we've seen. The uptake, from operating systems to desktop applications, is accelerating," Guptill said. . But Saugatuck's survey also indicated that licensing and indemnification issues aren't registering on IT executives' list of concerns. Among a list of priorities that included security, technology immaturity and support, licensing issues and risks was chosen by a mere 12.3% of respondents. Only software performance scored lower, at 9%. According to Guptill, these IT priorities are unacceptable and even contradictory given the fact that one of the top four reasons cited by IT executives for adopting open source is the "ability to adapt and refine source code," according to Saugatuck's report. With so many of today's IT shops hacking code, the likelihood that enterprises will violate multiple license terms increases, he said. Further complicating the issue is that most users and IT executives are familiar with only a handful of open source licenses, such as the General Public License and the Berkeley Standard Distribution (BSD). In reality, however, there are more than 1,000 open source licenses that Saugatuck has found deployed in the enterprise. "It's clear from our current research that licensing risks are not yet a major inhibitor in user enterprise adoption of open source software," Guptill said. "Frankly, we believe that most user firms simply don't see the rising tide just yet." The rising tide of risk
Guptill said all enterprises should immediately review their open source licensing agreements, audit their use of open source and create formal policies for managing isource code -- especially mixed-source code. This advice is especially timely given the Microsoft/Novell Inc. partnership formed in November 2006 that promised better interoperability between Linux and Windows.
On the auditing front, two mainstream vendors -- Waltham, Mass..-based Black Duck Software Inc. and San Francisco-based Palamida Inc. -- specialize in vetting IT compliance and intellectual property issues. Guptill recommends users at least explore the services they offer.
And as open source further penetrates the enterprise as well as the software stack, it will become a potentially costly IT and vendor management challenge. This will likely lead to the adoption of increasingly stringent software and services management policies, including the growth of compliance audits and the use of source compliance tools, Guptill said.
The bottom line: Open source software enables user and vendor enterprises to do a lot more with IT faster and cheaper than they can now. With these gains, however, Guptill sees a management price to pay. IT managers should brace themselves for the "rising tide" of licensing issues --and be prepared, he said.
Email Jack Loftus with your comments and suggestions.