IT security professionals like the idea of open-source collaborating and messaging solutions. So where the heck are they?

Respondents in a Ponemon Institute study released this week are generally positive about commercial open source applications, especially because of the assurance of continuity. However, despite those benefits, companies are slow to adopt, Ponemon found. 

Zimbra, a provider of open source collaboration software, sponsored the survey of 723 IT and IT security practitioners in the United States and 675 IT and IT security practitioners in 18 Europe, the Middle East and Africa (EMEA).

Heart of the Matter

2014-20-November-Larry Ponemon.jpg

Before we break down the numbers, let's address the obvious. Zimbra is an open source collaboration platform. The study finds people like open source software.

So we asked:

"This was independently conducted," said Larry Ponemon, chairman and founder of the Traverse City, MI-based Ponemon Institute. "We are ruthlessly independent."

Ponemon admitted that companies that sponsor research with his organization "get real angry at us" when results are counter to what they expected. 

"You can never predict the outcome," he told CMSWire. "I'm happy to report that the general population of IT practitioners have very good regard for a Zimbra-like solution. And it's not just Zimbra. There are other providers out there like this."

On to the Numbers

Ponemon wanted to learn from IT and IT security practitioners about their companies’ involvement in the use of open source messaging and collaboration solutions and their perceptions about the benefits, officials wrote in the report.

Some key facts:

  • The majority of respondents (57 percent) in the US and EMEA are either very familiar or familiar about their organizations’ security and data privacy policies or requirements
  • The average percentage of business applications used by their organization that is commercial open source is 30 percent in the US and 25 percent in EMEA
  • EMEA organizations are more concerned with the privacy consequences of messaging and collaboration. US organizations focus more on security
  • Respondents agree with the improvements created by commercial backing and code transparency for commercial open source messaging and collaboration solutions. EMEA respondents are most positive, especially about the reduction of privacy risks (66 percent of EMEA respondents and 52 percent of US respondents)

Dealing with Hiccups

Ponemon, through the study, found IT pros like the security of dealing with an open source community because, essentially, you have a larger community with which to work. There's no guaranteeing a proprietary vendor doesn't go bankrupt, and where does your source code go then?

"So many hiccups occur in the application layer and having open source is basically like an insurance policy," Ponemon told CMSWire. "You don't have to rely on a proprietary software vendor to come up with an appropriate patch. You have the world working on it."  

So why is adoption slow with open source? "Users," Ponemon said, "are locked into big brands, the Microsofts of the world."