Free software, also known as open-source software, sounds like a good way to cut already high IT costs. As the name suggests, it's free, thus it shouldn't cost anything. But is it really that simple? Let's find out.
As pointed out by Free Software Foundation, when talking about free software, free (libre) in this concept does not really mean free of charge (gratis). If you build your critical systems so that they are reliable on open-source software, there are still attached costs that you need to take into account:
1. The cost of system failures
If and when something goes wrong with your open-source software, among the consequences will be lost business opportunities, unexpected downtime, and maybe even compliance failures.
In a situation like this, having a 24/7 commercial support service would save your business by giving you immediate access to the best expertise there is and helping you mitigate the effects of the system failure to a minimum.
You should always consider the potential cost of extra downtime or compliance fees when evaluating the benefits of an open-source solution.
2. The cost of maintenance
Open-source or not, you always need to install and configure your software. Having this kind of knowledge and skills in-house means that you need to allocate employees' working time and possibly also a training budget towards it.
When your team maintains an open-source product on the side of other projects and not as their primary project, they might need to refresh their knowledge and skills before working on the product again. This might be detrimental to your business, especially in emergency situations when you need to get your open-source solution fixed fast (also see the cost of system failures above).
Additionally, open-source projects may come with source code only, meaning there is the extra burden of compiling source code whenever there is a new version. That also adds to the overall cost. Compare this to commercial software which almost always comes with distribution packages.
3. The cost of emergency support
If your critical system goes down, do you have enough in-house people on-call who know the system well enough to be able to quickly fix the problem? Keeping these people on your payroll and trained also adds to the overall cost.
4. The cost of non-compliance
Depending on your jurisdiction, your auditors might be more alert and thorough when auditing open-source software, especially if it is unsupported and no one can be held accountable. On the other hand, with commercial software, a uniform audit trail of activities can be generated with less effort.
Overall, when using an open-source solution, more work is needed from your side to pass an IT audit and receive a certificate. Also, the chances and costs of failing an audit are higher and something to consider.
Support for open-source SSH by SSH
We at SSH love all flavors of SSH, no matter if they are commercial or open-source. While our primary recommendation is to use a commercial solution, like our premium SSH client/server solution Tectia, we also realize that some customers have environments with OpenSSH install base and configurations. Thus, switching to Tectia might not always be viable at a given moment.
For these customers, we now offer Support for OpenSSH by SSH - world-class support, consultation, and training services for OpenSSH to help you mitigate the costs mentioned above. This applies to both pure OpenSSH and OpenSSH-Tectia hybrid environments.
No one knows OpenSSH as well as the company that started it all, and we welcome OpenSSH into our supported portfolio with open arms.