Despite its overwhelming advantages, open source adoption is inhibited by concerns about the availability of reliable support, which is often needed to address security concerns. That is one of eight conclusions from the survey The New Stack conducted with Tidelift.
If open source has become the default stack for modern developers, then get ready for an onslaught of challenges as companies struggle to get reliable support for up-to-date code. In June 2019, Tidelift and The New Stack surveyed 369 people who use open source software to build applications at work. Across a range of criteria, respondents believe open source is inherently better than proprietary software. Eighty-six percent believe open source is more flexible and extensible, with only 3% choosing proprietary. Open source is also preferred by significant margins when it comes to developer satisfaction and speed, total cost of ownership and quality of code. The only area where proprietary software is seen as slightly better is the availability of reliable support and consulting services. Nearly 40% of respondents report proprietary software as stronger in this category, versus 36% for open source.
Perhaps it was their bravado, but 61% of respondents were confident that open source is more secure than proprietary software. All things being equal, open source may be more secure if it is easily audited and tested by the public. However, guaranteeing that open source dependencies are maintained and secure is a challenge. In this regard, developers need support if and when a new security vulnerability is identified.
The New Stack conducted another survey in July 2019 with The Linux Foundation and TODO Group that looked at the same range of possible benefits, but asked respondents to name the top three benefits their company receives from open source software. The results were remarkably similar. Only 7% said reliable support or consulting services is a top benefit, and only 17% named security. So, although fans of open source may say it is secure, they are not very likely to say this is a key strength.
The Linux Foundation and Tidelift are sponsors of The New Stack.