Open Source and Strategic Business Risk

Ultimately, the reasons open source seems destined to become a widespread practice have more to do with customer demand and market pressures than with supply-side efficiencies for vendors. I have already discussed, from the vendor's point of view, the effects of customer demand for reliability and for infrastructure with no single dominant player, and how these have played out historically in the evolution of networking. There is more to be said, though, about the behavior of customers in a market where open source is a factor.

Put yourself for the moment in the position of a CTO at a Fortune 500 corporation contemplating a build or upgrade of your firm's IT infrastructure. Perhaps you need to choose a network operating system to be deployed enterprise-wide; perhaps your concerns involve 24/7 web service and e-commerce; perhaps your business depends on being able to field high-volume, high-reliability transaction databases.

Suppose you go the conventional closed-source route. If you do, then you put your firm at the mercy of a supplier monopoly—because by definition, there is only one place you can go for support, bug fixes, and enhancements. If the supplier doesn't perform, you will have no effective recourse because you are effectively locked in by your initial investment and training costs. Your supplier knows this. Under these circumstances, do you suppose the software will change to meet your needs and your business plan...or your supplier's needs and your supplier's business plan?

The brutal truth is this: when your key business processes are executed by opaque blocks of bits that you can't even see inside (let alone modify) you have lost control of your business. You need your supplier more than your supplier needs you—and you will pay, and pay, and pay again for that power imbalance. You'll pay in higher prices, you'll pay in lost opportunities, and you'll pay in lock-in that grows worse over time as the supplier (who has refined its game on a lot of previous victims) tightens its hold.

Contrast this with the open-source choice. If you go that route, you have the source code, and no one can take it away from you. Instead of a supplier monopoly with a chokehold on your business, you now have multiple service companies bidding for your business—and you not only get to play them against each other, you have the option of building your own captive support organization if that looks less expensive than contracting out. The market works for you.

The logic is compelling; depending on closed source code is an unacceptable strategic business risk. So much so that I believe it will not be very long until closed-source single-vendor acquisitions when there is an open-source alternative available will be viewed as actual fiduciary irresponsibility, and rightly grounds for a shareholder lawsuit.