Corporate open-source project security, roots in lack of IT innovation? – Network World

Open-source projects may have different security concerns than do COTS (commercial off the shelf) projects, IT control being one.  However, if development life-cycle best practices are in place, through security QA testing, open-source projects should do fine.

Per the  pie chart, the problem may have its roots in lack of IT innovation.  An IT-led initiative would not have a tagline of “who’s in charge of open-source security…?”  When an innovative IT organization has invested up front in mapping out the use of emerging technologies (e.g. open-source), future users of that emerging technology will want to go to IT to lever IT’s existing best practices knowledgebase.

If open-source projects are happening and they aren’t following IT best practices, then it seems logical that these aren’t corporate IT-defined or led projects.

Why not?

Control and security of corporate open-source projects proves difficult – Network World.

Focused on TBM, Technology Business Management ("run IT like a business"). - 30+ years of experience, in providing IT strategy, process, application, RAMP, hardware, software, network, internet and cloud solutions to financial services, MRD and high technology companies from startup to F500. - 20+ published articles on the intersection of business and technology. - Startup advisor and mentor to a dozen startups, four of which were acquired and one of which is newly-launched (ITconnecter, a Crosswaves Ventures LLC company). - Specialties: IT Technology Business Management (TBM, aka "run IT like a business"), strategic partnerships, technology innovation, solutioning and program/project management (onshore, nearshore, offshore). Technology consulting focused on innovation, built around process, data and integration (cloud, social networking). We use I/TBM financial management best practices to help mid-size and large enterprises ensure they are meeting the needs of their business effectively and efficiently.

Posted in cloud, compliance, database, disruptive, elasticity, industry, inspiration, ITconnecter, IVIS, risk, security, software, VaaS, vendor Tagged with: , , , , , , , , , , , , , , , , , , , , ,

Looking forward to your perspectives....