You’d be forgiven for assuming that open source software is healthier than ever. After all, Kubernetes, React, PostgreSQL, and any number of other very popular technologies are open source. What’s more, Microsoft bought GitHub, didn’t ruin it, and now is lauded as a true friend of open source. But reality is more nuanced.
Although it’s true that open source software is more popular and more widely used than ever, open source as a business model is at a crossroads. One big reason why is the threat of cloud providers creating their own distributions of open source projects and selling them as managed services, using their epic scale to undercut startups dedicated to commercializing those projects. As a result, companies that previously licensed their products under more traditional open source licenses are now opting for novel licenses designed specifically to combat this issue.
This week, Cockroach Labs—the creators of CockroachDB—joined the ranks of such companies. Previous relicensures have come from Confluent (Apache Kafka), Elastic (Elasticsearch), Redis Labs (Redis) and MongoDB.
We also learned recently that MapR—one of the original three Hadoop vendors, now pushing a more general-purpose data platform—is on the cusp of shutting its doors. There are a lot of forces working against enterprise “big data” architectures as they were built and sold over the past decade, one of which is certainly that core components such as Hadoop and Spark are open source and sold as managed services by every cloud provider.
The enterprise license assumption
At the enterprise level, the real benefits of open source have never really centered on the fact that the code is free. Rather, enterprise users benefit from the speed, innovation and quality that come along with an active community. However, growing and managing those communities is expensive, and many members can’t afford to pay for every piece of software they use.
Thus the assumed tradeoff: open source startups lose money on the majority of their user base, but make up for it on enterprise licenses that include additional features, support, efficiency and peace of mind. It was a logical-enough assumption in response to unhappiness over the proprietary license model, but early open source licenses and business models didn’t account for the advent of cloud computing—especially the scale at which the major providers operate.
There’s nothing inherently wrong with all these cloud-provider services, and organizations should absolutely use the best products for their particular needs. The fear, however, is that if revenue from open source software concentrates among a small number of large vendors, this will stifle innovation because there’s little incentive for individuals or startups to create open source projects or companies. (There’s a whole separate debate happening about how contributors, especially on small projects, should be paid.) In an extreme scenario, anyone waiting on exciting and usable open source will have to wait for whatever emerges, and catches on, from large tech companies that understandably operate on their own timelines and with their own interests in mind.
Ultimately, though, it’s enterprise buyers and their budgets that will answer the question about which open source business models are viable. Which means the pressure is on everyone with a stake in the outcome to prove that their approach really is the best one for customers over the long haul.
What you need to know this week
Everyone’s gotta get better at security
Quest says millions of patient records exposed in billing hack (Bloomberg): You can never be too careful, including when it comes to vetting service providers that handle sensitive data.
Should failing phishing tests be a fireable offense? (Krebs on Security): This is an idea fraught with peril, but which also makes sense. Where to draw the line between victimhood and negligence? (other security issues too; tailgating, etc.)
Your next security hire might need to be a developer (The New Stack): A lot of smart people believe this is the case—that companies can’t truly be secure unless developers and security staff speak the same language and understand each other’s worlds.
New York’s privacy bill is even bolder than California’s (Wired): Stricter privacy regulations are coming, targeting what companies can do with data and how they secure it. Are you ready?
The cloud giveth and taketh away
Google’s cloud outage is resolved, but it reveals holes in cloud computing’s atmosphere (TechCrunch): Absolutely right. The major takeaway from outages should never be that cloud sucks, but rather that infrastructure and architectures need to get a lot better if everything requires a connection.
NASCAR to migrate 18 petabytes of video data to AWS (ZDNet): It’s using AI services to process and add metadata to all that footage, which is a good way to take advantage of cheap computing and generic AI services.
Digital transformation touches everything
Is quality software worth the cost? (Martin Fowler): The short answer: Yes, for everyone involved. Even the teams developing it, especially over time.
Your 3-minute guide to serverless success (InfoWorld): Probably the best piece of advice here is to stop applying old processes and principles to new architectures.
Digital transformation efforts changing companies, careers, teams on multiple fronts (ZDNet): It’s really important to consider what these changes will mean for the people on your teams, in terms of skills they’ll need and what you’ll need to keep them around.
The SaaS opportunity of unbundling Excel (Foundation): This is a good reminder that digital transformation provides opportunities to create standalone products out what were once features, and not just for software vendors.
Apple Pay can be used to ride New York City’s MTA (The Verge): Yet another way Apple is taking advantage of smartphone ubiquity to grow its status in payments. Other companies should about how they might do the same in their businesses.
More AI done right
Businesses start transitioning to AI-powered procurement (Wall Street Journal): No Skynet stuff here, just boring and highly valuable statistical analysis to streamline the process and lower the cost of buying and selling.
Applying artificial intelligence allowed Accenture to allocate staff elsewhere (ZDNet): The ideal end-state of automation might be that jobs are automated, but the employees stay on doing new and probably more valuable things.
Customer centricity in the digital age (MIT Sloan): Some good examples of how AI can be used to deliver better customer experiences. Although there might be a demographic disparity when it comes to whether people like chatbots.
Other resources worth checking out
Forrester’s Guide to Paying Ransomware (Forrester; subscription required)
The Rise of the Agile Employee (Forrester; subscription required)
Plan Your Continuous Delivery Journey (Forrester; subscription required)
Vulnerability Management in DevOps-style IT? (Gartner blog)
Decision Point for Selecting Virtualized Compute: VMs, Containers or Serverless (Gartner; subscription required)
7 Elements for Creating a Pragmatic Enterprise Cloud Strategy (Gartner; subscription required)
How to Use Agile Techniques and DevOps With Database Management Systems (Gartner; subscription required)
Cut the Digital Transformation Fluff: Creating Metrics That Matter (Pivotal webinar)