Business Success with Open Source

Strengthen Your Business with Free and Open Source Software

by VM (Vicky) Brasseur

Free and open source software (FOSS) is everywhere and is the driving force behind nearly all software developed today. It doesn’t matter what industry your company is in: Learning more about how to use, contribute to, and release FOSS can be the strategic edge that your company needs. With the proper knowledge and approach, open source can form the cornerstone of a digital transformation effort, increase developer retention, decrease recruiting cycles, ensure reliable security, and reinforce the company brand. All this and more, by shifting your company’s FOSS strategy from accidental to intentional.

Free and open source software (FOSS) is the whetstone of the cutting edge. Your company is almost certainly using FOSS right now, whether you know it or not. FOSS is already part of your company, so you need to know how to manage it effectively and strategically. If you’re participating in a digital transformation effort, or reducing business risk, or building a product roadmap, or creating a company or team strategy, or if you need to round out your existing open source knowledge by filling in some gaps, this is the information you need.

Discover how to use, contribute to, and release open source projects effectively and strategically for your business. Avoid the dangers inherent in license compliance and other intellectual property matters. Incorporate community management to bolster the sustainability of projects that are critical to your company. Manage your software supply chain to track and maintain the projects your company relies on. Create policies and procedures both for inbound and outbound FOSS engagement. Develop tactics for community management to ensure corporate open source efforts remain on target for business goals.

Build your free and open source software strategy and go from accidental to intentional.

• Errata, typos, suggestions

Releases:

• P1.0 2025/04/08
• B9.0 2025/02/11
• B8.0 2024/11/12
• B7.0 2024/06/07

• Preface
• Fundamentals of FOSS
  • Lay the Foundation
    • Why FOSS Matters
    • What Is Free Software?
    • So Then What Is Open Source Software?
    • The Difference Between Open Source and Free Software
    • Community and Contributions
    • The Importance of Standards
  • Make the Intangible Profitable with Intellectual Property
    • IP Is the Foundation of FOSS
    • Introducing Intellectual Property
    • Trademarks
    • Patents
    • Copyright
    • Contributor License Agreements
    • Developer Certificate of Origin
  • Licenses: The Rules of IP Engagement
    • Basics of Licensing
    • The Contractual Controversy
    • Licensing Innovation: FOSS’s Killer App
    • Types of FOSS Licenses
    • What Makes a FOSS License “Open Source”
    • Summary of Some Common FOSS Licenses
    • Other Types of Licenses
    • Derivatives
    • Distribution
    • FOSS License Compatibility
  • Avoid Common FOSS Business Risks
    • Inbound FOSS Risks
    • Outbound FOSS Risks
  • Strengthen Your Business Through FOSS
    • Innovation and Digital Transformation
    • Lower Total Cost of Ownership
    • Reputation and Brand
    • Recruiting and Onboarding
    • Staff Retention
    • Diversity
    • Improved Security
    • Strategic Business Advantage
  • Introducing the Open Source Program Office
    • What Is an OSPO?
    • Does Your Company Need an OSPO?
    • Functions of an OSPO
    • What Kind of OSPO Do You Need?
    • Roles Inside an OSPO
    • Placement of an OSPO Within an Org Chart
• Inbound (Using) FOSS
  • Recognize and Acknowledge Your Inbound FOSS
    • Inbound Defined
    • Where to Find Inbound FOSS in Your Company
    • Inbound Stakeholders
    • Software Supply Chain
  • Inbound FOSS in Your Corporate Strategy
    • Role of Inbound FOSS in Digital Transformation
    • Avoid NIH Syndrome
    • More Rapid Innovation and Time to Market
    • Reduce Cost of Maintenance
    • More Secure Solutions
  • Establish Effective Inbound Policies and Procedures
    • Why We Need Policies and Procedures
    • Policies and Procedures Are Business Assets
    • Make Policies Useful (and Used)
    • Gather Knowledge and Collaborate for the Best P&P
    • Deploy Policies Effectively
    • Enforce the P&P
    • Evolve the Policies
    • Clean Up the Clutter
  • Get Started with Your Inbound Policies
    • Inbound FOSS IP Policies
    • Inbound FOSS Security Policies
    • Inbound FOSS Sustainability Policies
    • Inbound FOSS Integration Policies: Vendoring
    • Other Policies You May Need to Consider
  • Know the Links in Your Software Supply Chain
    • Supply Chain Defined
    • The Software Supply Chain
    • Types of FOSS Acquisition
    • Software Supply Chain Awareness Is Growing
    • How to Learn About Your Software Supply Chain
    • The Process (Roughly)
    • Tools
    • Software Bill of Materials (SBOM)
  • Maintain FOSS License Compliance
    • What Is License Compliance?
    • What Qualifies as Infringement?
    • License Compliance Enforcement
    • Consequences for License Infringement
    • Basic License Compliance
    • Inbound License Policies
    • Don’t Legislate. Automate.
  • Sustain. Maintain. Retain.
    • Sustainability Is a Business Matter
    • FOSS Sustainability
    • What Your Company Can Do About It
• Outbound (Contributing to and Releasing) FOSS
  • Level Up Your Business with Outbound FOSS
    • What Is Outbound FOSS?
    • Outbound Impacts the Entire Business Organization
    • Outbound Isn’t Limited to Code
    • Why Do Outbound FOSS?
  • Outbound Policies and Procedures
    • Outbound FOSS Policies
    • Outbound FOSS Procedures
    • Postponing P&P Is a Mistake
  • Strategic Benefits and Risks of Outbound FOSS
    • Be Clear About Your Goals
    • How Outbound Contributions Can Benefit Your Strategy
    • How Releasing FOSS Can Benefit Your Strategy
    • Risks of Outbound
  • Master Contribution Fundamentals
    • Contributions Sustain FOSS and Your Business Both
    • Ways to Contribute
    • Downstream vs. Upstream
    • Intellectual Property Considerations
    • Verify Your Corporate FOSS Contribution Policies
    • Track Company Contributions
    • Corporate Contribution Metrics
  • Develop Your Contribution Strategies
    • Identify Your Internal Constraints
    • Identify Critical Projects
    • Identify Project Needs
    • Define Your Contribution Strategy
    • Ensure Policies and Procedures Are in Place
    • Onboard Outbound Contributors
    • Get the Word Out
    • Start Contributing!
    • The Bees4Less OSPO Contribution Strategy
    • All Big Ideas Start Small
    • Rely on Your OSPO
  • The Strategy of Releasing FOSS
    • What It Means to Release a Project
    • Why Organizations Release Projects
    • Release Strategically
    • Choose What to Release
    • Styles of Project Releases
    • Bees4Less and the Open Hive
  • Releasing FOSS Projects
    • Collect the Release Team
    • Choose a Release Style
    • Name the Project
    • Prepare the Project for Release
    • Decide Whether to Use a CLA/DCO
    • Track Metrics and Measure Value
    • Choose Release Location
    • Select a License
    • Apply the License
    • Comply with Component Licenses
    • Prerelease Checks
    • Release!
  • Engage with Your FOSS Projects
    • Get the Word Out
    • Manage the Community
    • Manage the Project
    • Leave the Project
  • Incorporate FOSS into Business Models
    • What Is a Business Model, Anyway?
    • Open Source Is Not a Business Model
    • Making FOSS a Part of Your Business Model
    • It’s More About Business Than FOSS
    • Open Core