Top 3 Myths of Open Source for Government

Despite public sector and government organisations increasingly breaking new ground in digital experience, there remains an underlying tension when it comes to selecting the right technology.

Ensuring due diligence throughout the evaluation process is a crucial part of any new digital project, and often the weight of that responsibility can lead decision makers to select conventional technologies that have a perceived source of ownership and accountability, rather than those that will enable them to best serve the public.

In a recent series of roundtable events in Sydney, Brisbane, Melbourne, Canberra, and Wellington, Acquia learned that many public sector decision makers are torn between the agility, flexibility, and opportunity for innovation offered by open source, and the perceived safe options of well-known proprietary platforms.

Here are the top three myths of open source for government … busted!

Myth 1: Open Source Isn’t Secure

By its nature, proprietary technology has an owner (the vendor) and therefore a perceived ultimate point of accountability. If an open source site fails, who is to blame?

Last year, following the infamous Equifax data breach, it emerged that the breach was due to a lack of security maintenance, not a security shortcoming of open source sites in general. Ultimately, an old, poorly maintained site will become vulnerable to threats, whether proprietary or open-source; however, open source requires a best practice, proactive approach to security.

There is more security support for open source than ever before and, in return for keeping track of vulnerabilities, fixes, and security updates, open source users will be rewarded with the ability to build ambitious, agile, and cutting-edge websites far more quickly and cost-efficiently than those using proprietary software.

Myth 2: No One Is Accountable and There Is No Support If There Are Issues

In the early days, this was a legitimate concern – but not anymore. Open source software such as Cloudera, Linux, and Drupal are supported by organisations around the world (including Acquia), offering customers support, paid services, hosting and training as well as best practice advice.

Myth 3: You Have to Share Your Code

In the case of Drupal, you don't have to contribute the code you've developed with anyone.

However, sharing code is at the heart of the open source concept – if you create something great, share it with the developer community, who can potentially make it even better. Acquia is the largest contributor back to the Drupal community and we strongly encourage sharing your code with the developer ecosystem, to help accelerate the rate of innovation while reducing time to market and cost. Everybody wins.

Ultimately, open source is the future. In recent years there has been an explosion in the development and adoption of open source technologies. In fact, the 2018 Open Source Security and Risk Analysis report by Black Duck and Synopsys found 96 percent of applications contained open source components, with a large number of those now containing more open source than proprietary code.

As open source becomes the norm and more widely adopted by large enterprises with the resources to invest back into the community, users are reaping the benefits of open source projects from some of the most innovative organisations across the globe, including Google and Facebook.

For public sector and government departments, respected open source providers, like Acquia, can provide automatic security patching and 24/7/365 monitoring for intrusion attempts, DDoS attacks, and other suspicious activity – dispelling the myth that open source software is more susceptible to security breaches.

For more information, visit Acquia’s Security by Design page.

Alternatively, check out some of our most recent work with The Australian Government, The Department of Environment and Energy, and ADMA.