Comments : Open Source Security Myths Dispelled

The decision to deploy proprietary, rather than open source security solutions (OSS), is often influenced by some commonly held perceptions.

Many IT professionals can’t seem to shake off the belief that OSS is inherently risky unreliable and complex. I am going to examine the most common of these perceptions to highlight how the facts are very often the exact opposite to what people believe.

Open source critics often doubt the stability of the platforms. The number and frequency of patches that OSS products need to stay secure is high and rapid.

However, the fast flowing evolution inherent to open source products means that potential vulnerabilities and design flaws are uncovered faster than in programs built on proprietary code, which typically have fewer developers – all of who are restricted in working to defined development objectives and timescales.

When commercial security vendors integrate OSS products into their solutions they ensure that all components are updated via automated processes so the fast pace of change is delivered to the end-user seamlessly and is not a burden on IT departments.

Article continues after advert

Businesses are also put off paying hard cash for an OSS solution, believing that as it can be downloaded for free, it’s pretty cheeky of the OSS vendors to charge.  It’s true that OSS can be downloaded for free but businesses need to be aware of what the free product fail to include.

Intuitive GUIs, redundancy, failover, auditing, reporting, and other similar capabilities tend to be overlooked by open-source developers, who focus on technical challenges rather than business ones. Companies that commercialise OSS, add value with documentation, guides, interfaces and interoperability, providing users with the best of OSS and proprietary software worlds.