Insight by Carahsoft

Open source and IT modernization—A perfect storm of opportunity

The Evolution of Open Source

One of the reasons why the Office of American Innovation in the White House demonstrated a lot of support for open source technology is in regard to the cloud and the emphasis of the migration of legacy applications to the cloud, and the requirements on agencies to use more digital related technology to improve service to the citizens.

Cybersecurity and IT Modernization

If you look at some recent incidents like Heartbleed or Spectre, these things were actually solved in the open source community on day one. In a larger community, we have a lot of different folks looking at code from a lot of different angles. There’s a real-time community of a very broad and diverse audience of global coders actually looking at this and trying to come up with solutions.

August was the two year anniversary of the Office of Management and Budget’s open source policy, promoting the reuse of custom software code, and establishing a website to host that code.

So far 26 agencies have posted code for reuse.

The move to open source goes beyond just a website and a listing of code. The Defense Department launched earlier this year code.mil and has been moving much of its custom-developed software source code to a central repository and begin managing and licensing it via open source methods.

The 2016 memo was actually the second time OMB tried to promote open source. Back in 2004, then OMB administrator for e-government and IT Karen Evans issued a memo addressing how agencies bought software. While that memo wasn’t specifically about open source, OMB did remind agencies about how the licensing of open source software works.

The Defense Department isn’t much better, issuing open source policies in 2003 and 2009.

Despite these efforts and what seems like 15 years of focusing on open source, the uptick remains slow.

But Paul Smith, the general manager and senior vice president North America Public Sector for Red Hat, said with the push for IT modernization across government, open source is becoming that much more attractive to agencies.

“We harness all that innovation, freeze dry it at a point and time, and offer it as a product and offer version control. That way we can make sure it works with all of your hardware and software systems,” Smith said on the Innovation in Government program. “At a high level, if you take a look at what’s going on with dev/ops as a methodology or a process, it’s the ability to go in in small chunks and fail fast or learn fast and iterate. Open source at its very roots is that. We have been doing that for 25 years.”

Rob Efrus, the president of the Coalition for Enterprise Open Source Software for Government, which works with companies on educating federal executives on the differences between free and enterprise open source, said federal adoption of open source has been climbing steadily over the last decade.

“One of the reasons why the Office of American Innovation in the White House demonstrated a lot of support for open source technology is in regard to the cloud and the emphasis of the migration of legacy applications to the cloud, and the requirements on agencies to use more digital related technology to improve service to the citizens,” Efrus said. “This puts pressure on agencies to come up in a quick turnaround way with applications, many relying on or built on open source technology, that can address not only legacy migration, but the shift to digital.”

As IT modernization, the move to agile or dev/ops and the focus on digital services continues to pick up steam, Smith said agencies now have a platform based on open source where they can develop applications and modernize existing systems more quickly.

“If you look at Google compute, Azure and Amazon Web services, they are delivering infrastructure-as-a-service. You can spin up a machine and do development. Now customers are bringing that on-premise with the same type of constructs and the same type of architecture,” Smith said. “The real challenge now is how do I do both. There are a lot of applications and a lot of workloads that have to live in both places.”

He said enterprise open source can help agencies with the challenges of portability, agility and protections from getting locked-in to a cloud service.

Among the biggest concerns with open source over the last decade has been around security. Smith said it’s a constant discussion with customers.

But the old industry adage “with many eyeballs looking at code, there are shallow bugs” is truer than ever.

Red Hat and other open source companies work closely with the National Institute of Standards and Technology (NIST) using the secure content automation (SCAP) protocol to automate security controls, the General Services Administration’s 18F organization on configuration lockdown.

“If you look at some recent incidents like Heartbleed or Spectre, these things were actually solved in the open source community on day one,” Smith said. “In a larger community, we have a lot of different folks looking at code from a lot of different angles. There’s a real-time community of a very broad and diverse audience of global coders actually looking at this and trying to come up with solutions.”

 

About Red Hat:
Government agencies demand performance, transparency, and value—exactly what Red Hat offers. As the standard for Linux in governments worldwide, our cloud, virtualization, storage and platform solutions bring freedom and collaboration to the public sector. Bring the power of open source to your agency.

 

About CEOSSG:
The Coalition for Enterprise Open Source Software for Government (CEOSSG) is a membership-based, non-profit organization comprised of top-tier open source vendors and affiliated Open Source groups committed to communicating the benefits associated with federal agency utilization of enterprise-class open source software solutions.

 

Resource Center: