The implementation and growth of open source software (OSS) across business functions and geographies has had many positive impacts, in particular being an agile solution to help businesses to quickly develop new processes, efficiencies and digital ecosystems. OSS is generally free, and open to any extension or customisation you need, making it popular for teams wanting quick results without budget signoff or the fear of sinking investment into the wrong technology.
Minimal licensing constraints and the right to customise code and functionality means you can develop the right application in line with your business objectives and other applications. OSS is a no-brainer for many projects. Because of these benefits, 78% of companies now run open source software. In fact, less than 3% do not use OSS in any way – officially anyway.
There are however hidden risks that you need to consider and manage carefully as you plan your OSS strategy and deployments. We’ve outlined a few of these here to help you better understand the true risks and costs of OSS adoption. As a longstanding and trusted OSS provider, the team at Seldon want organisations to be empowered to ask better questions and make better decisions about how and when your business uses it.
As you examine your OSS strategy, you should first consider and quantify the potential cost of not having:
- A formal policy for OSS use
- An automated code approval process
- An inventory of open source components
- A plan for monitoring open source code for security vulnerabilities
Without these frameworks, the potential risks can slow down the pace and quality of development. And in the case of code security processes, will increase the overall vulnerability of your systems to an external attack or costly internal error.
It may be that your business is ahead of the game and has processes in place to deal with these challenges. But there are two other significant risk factors to consider.
The cost of community membership
According to the licensing terms of most open source software, your business is obliged to contribute updates and patches back to the community. Every vulnerability you discover and patch must be shared with other users.
Although valuable to the community and the ongoing viability of the software, these efforts distract your developers and testers from the strategic projects that carry your business forward. Your organisation might not be providing upfront costs, but the absorption of development time can consume resources as they endeavour to improve the technology of the OSS provider.
Having a formal process for managing OSS community engagement will help to better control costs – but it will not negate them entirely.
You should factor these community efforts into the cost of running and maintaining open source software. It may be that some applications cost more in terms of developer effort and time than they save in license fees.
The big question – What happens when something goes wrong?
With packaged software, you can rely on the developer or vendor to assist when you identify a problem. Ultimately, they are responsible for maintaining the core of the application.
However, customised software comes with custom support requirements. Obviously, there is community support for most applications, but the quality of speed and service can vary enormously. A developer Slack channel may be useful for sourcing guidance and advice during early development, but what happens when the system has been placed into production and you have to build business processes that rely on it? What happens when your team either lacks the vision to realise the full potential of the OSS software, or they can’t find the answers to truly remedy issues? A community slack is unlikely to meet your needs in the necessary time when you have revenue on the line due to a fault in the technology your team is using.
Whether in testing or production, you need support you can rely on to unlock your business value and maximise ROI from your machine learning projects.
This is not to say that OSS is unsuitable for your needs – quite the opposite. But as you assess the risks of using open source software within your enterprise, you should consider the issue of support and how It will be managed. Seldon offers a guaranteed service level agreement, warranty and engineering support to minimise risk and help organisations reach their machine learning goals.
Total peace of mind for your mission critical ML deployments
At Seldon, we understand that technical challenges and risks often arise when managing more than a handful of machine learning models. As organisations scale their model deployment, they need a secure and reliable tech stack. We know Seldon users love our open source software Seldon Core but we are also aware of the challenges and governance issues it can hold.
The Seldon Core Enterprise experience offers priority access to engineering and delivery teams who can support dedicated workshops and system evaluations in order to realise the potential of your machine learning platforms and projects. Organisations can also subscribe to more in-depth customer success as well as ongoing support offerings. With Seldon Core Enterprise, teams have access to industry-leading technology for serving, inferencing and orchestrating without the challenges and risks that come with open source software.
To learn more about scaling with assurance with Seldon Core Enterprise, speak to one of our MLOps advisors today.