The Case for Open Source
Dave Sobel
Outspoken Host of the Business of Tech and leading voice in the delivery of IT Services
This summer’s infamous CrowdStrike outage sparked a range of debates across the technologist community – including the pros and cons of open source versus legacy software.
?
One such pitch came across my desk from Doug Milburn, the co-founder of 45 Drives and VP of Protocase. His take? Open source could have prevented the incident entirely. I was skeptical, which meant I had to bring him onto a bonus episode of The Business of Tech to plead his case.
?
Here’s why Milburn believes open source should be every MSP’s go-to solution and a bit more about his work in helping folks deploy it.
?
The open source pitch
?
My first question for Milburn was simple: why does he think open source is the solution that we, as technologists, managed services providers, and IT services, should be deployed with customers?
?
In short, his pitch can be summarized as reliable performance, risk reduction, and, for SMBs, cost-effectiveness.
?
Digging into this a bit further, MSP folks generally see open source as a collection of many, many projects run by a guy or two in the middle of nowhere who doesn’t get enough support. So, in my view, open source seems to just trade one set of risks for another.
?
What does Milburn see that I don’t? Does open source actually function differently?
?
Because open source is just a concept, he believes it’s unfair to generalize it so broadly. Yes, it’s simply community developed software in theory, but in practice, Milburn describes it as driven by the people who use it – making it ultimately more powerful and efficient than proprietary sources. To him and fellow enthusiasts, it’s about how you use it.
?
As for legacy enterprise solution:
?
“They own you. And any time they can reach into your system and change things through forced updates and things like that, they can change the terms…You have this big contractual risk in that of people owning you and you have no control. You have to trust – you can't verify,” he said.
?
Of course, the open source alternative isn’t without risks; if you implement open source on an ad hoc basis, according to Milburn, you’ve traded ‘somebody owning you’ for what he calls ‘project risk.’
?
His main example here was the risk of faulty updates forced by proprietary software, which we all know was behind CrowdStrike’s crisis. The benefit of open source here isn’t just that you get to cherry-pick which updates you push out; because they’re vetted so heavily by the open source community, he views them as safer.
?
According to Milburn, using open source the right way means nearly all risk is reduced:
?
“The big thing in implementing open source is your approach. It's your architecture that you create at the start of it. If you create the right architecture, use the right components, and approach it the right way, you can get results that are so bulletproof, so safe, so reliable, and that will compete with just about anything that's proprietary,” he said.
?
And, while legacy solutions have the right to pull the carpet out from you (Milburn’s words), open source enables you to own and use your own solutions as long as you want.
?
As open source enthusiasts say, it’s all by the community, for the community.
?
领英推荐
Doesn’t open source create work for MSPs?
?
But, as an MSP, I had to push back here. He laid out the importance of carefully selecting, designing, and coordinating open source systems to reap their benefits safely – AKA, a ton of extra work for MSP and IT partners. Is it worth giving up the resources and partners that come with proprietary solutions?
?
I asked Milburn how he’d advise an MSP who’d have to carry that load without the support of other companies, and he pointed to his own company.
?
For MSPs without the resources to integrate open source themselves…
?
“You’ve got to get it from somewhere else. It's what we do in storage and virtualization, standalone servers, clustered, and Proxmox virtualization. We package it up, we make it simple, we automate it, we put the packages together, and we just make it really, really simple for our customers to use,” he said.
?
In other words, perhaps more companies will start to release similar services; in the meantime, this seems like a relatively new offering.
?
Should open source really be used …. everywhere?
?
I also wanted to clarify just how expansive Milburn thinks open source’s applications could be. Is he saying it should be used everywhere?
?
In Milburn’s view, proprietary doesn't make sense in the server room. And, at his companies, they’re starting to use Linux on desktops – it’s new, but they’ve had success in certain areas.
?
Again, his biggest issue with proprietary software is forced updates. In his own words:
?
“They can reach in through your firewall anytime they want, and they can change anything they want. What if they make a whoopsie honest mistake? Or what if somebody co-opted and decided to put a backdoor into your proprietary software, and then the updater reaches in and jams that backdoor in there?”
?
To me, this all implies that an MSP isn’t being used, because most providers manage patch rollouts and make sure the software works together – it’s literally our job, and no one I know would leave auto updates on.
?
What about interactions with legacy software?
?
At this point, I still wasn’t convinced we can get to a completely open source world, meaning that for line of business applications that need to be in place, interactions between open source and proprietary software still need to be dealt with. What’s Milburn take on that reality?
?
Again, it’s all about how much the MSP wants to be able to manage:
?
“You can go ask Microsoft to show you the source code because you notice something's bad. You're not getting it. You're taking them in faith. And that is the big difference,” he said. “It's a different pace, and it's a different level of trust and verify. There's a huge advantage to it if you're really serious about security, which I think people should be. So many of our customers take it very seriously… Open source, I believe, is the best way to take that seriously.”
?
?
Did Milburn win you over to team open source? I think I know your answer already, but as always, my inbox is open for reactions, insight, stories, or whatever else is on your mind.