Business Success with Open Source

Strengthen Your Business with Free and Open Source Software

by VM (Vicky) Brasseur

Free and open source software (FOSS) is everywhere and is the driving force behind nearly all software developed today. It doesn’t matter what industry your company is in: Learning more about how to use, contribute to, and release FOSS can be the strategic edge that your company needs. With the proper knowledge and approach, open source can form the cornerstone of a digital transformation effort, increase developer retention, decrease recruiting cycles, ensure reliable security, and reinforce the company brand. All this and more, by shifting your company’s FOSS strategy from accidental to intentional.

Free and open source software (FOSS) is the whetstone of the cutting edge. Your company is almost certainly using FOSS right now, whether you know it or not. FOSS is already part of your company, so you need to know how to manage it effectively and strategically. If you’re participating in a digital transformation effort, or reducing business risk, or building a product roadmap, or creating a company or team strategy, or if you need to round out your existing open source knowledge by filling in some gaps, this is the information you need.

Discover how to use, contribute to, and release open source projects effectively and strategically for your business. Avoid the dangers inherent in license compliance and other intellectual property matters. Incorporate community management to bolster the sustainability of projects that are critical to your company. Manage your software supply chain to track and maintain the projects your company relies on. Create policies and procedures both for inbound and outbound FOSS engagement. Develop tactics for community management to ensure corporate open source efforts remain on target for business goals.

Build your free and open source software strategy and go from accidental to intentional.

• Errata, typos, suggestions

Releases:

• B8.0 2024/11/12
• B7.0 2024/06/07
• B6.0 2024/05/08
• B5.0 2024/04/04

Note: Contents and extracts of beta books will change as the book is developed.

• Preface
• Fundamentals of FOSS
  • Lay the Foundation
    • Why FOSS Matters
    • What Is Free Software?
    • So Then What Is Open Source Software?
    • The Difference Between Open Source and Free Software
    • Community and Contributions
    • The Importance of Standards
  • Make the Intangible Profitable with Intellectual Property
    • IP Is the Foundation of FOSS
    • Introducing Intellectual Property
    • Trademarks
    • Patents
    • Copyright
    • Contributor License Agreements
    • Developer Certificate of Origin
  • Licenses: The Rules of IP Engagement
    • Basics of Licensing
    • The Contractual Controversy
    • Licensing Innovation: FOSS’s Killer App
    • Types of FOSS Licenses
    • What Makes a FOSS License “Open Source”
    • Other Types of Licenses
    • Derivatives
    • Distribution
    • FOSS License Compatibility
  • Avoid Common FOSS Business Risks
    • Supply Chain Awareness
    • License Compliance
    • Security
    • Liability
    • License Changes: Relicensing to Non-OSI-approved
    • Sustainability
    • Releasing or Contributing to FOSS Projects
    • Releasing IP
    • Security Considerations
    • Liability Again
    • Trademark Considerations
    • License Compliance
    • Maintenance Costs
    • Community Building and Management
  • Strengthen Your Business Through FOSS
    • The FOSS Benefits (AKA Why You Should Care)
    • Innovation and Digital Transformation
    • Lower Total Cost of Ownership
    • Reputation/Marketing
    • Recruiting and Onboarding
    • Retention
    • Diversity
    • Security
    • Strategic Business Advantage
  • Introducing the Open Source Program Office
    • What is an OSPO?
    • Does your company need an OSPO?
    • Functions of an OSPO
    • What Kind of OSPO Do You Need?
    • Roles Inside an OSPO
    • Placement of an OSPO Within an Org Chart
• Inbound (Using) FOSS
  • Recognise and Acknowledge Your Inbound FOSS
    • Inbound Defined
    • Where to Find Inbound FOSS in Your Company
    • Inbound Stakeholders
    • Software Supply Chain
  • Inbound FOSS in Your Corporate Strategy
    • Role of Inbound FOSS in Digital Transformation
    • Avoid NIH Syndrome
    • More Rapid Innovation and Time to Market
    • Reduce Cost of Maintenance
    • More Secure Solutions
  • Establishing Effective Inbound Policies and Procedures
    • Why We Need Policies and Procedures
    • Policies and Procedures Are Business Assets
    • Making Policies Useful (and Used)
    • Know Your Company’s Needs, Use Cases, and Risk Profile
    • Deploy Policies Effectively
    • Enforce the P&P
    • Evolving the Policies
  • Get Started with Your Inbound Policies
    • Inbound FOSS IP Policies
    • Inbound FOSS Security Policies
    • Inbound FOSS Sustainability Policies
    • Inbound FOSS Integration Policies: Vendoring
    • Other Policies You May Need to Consider
  • Know the Links in Your Software Supply Chain
    • Supply Chain Defined
    • Types of FOSS Acquisition
    • Software Supply Chain Awareness Is Growing
    • How to Learn About Your Software Supply Chain
    • The Process (Roughly)
    • Tools
    • Software Bill of Materials (SBOM)
  • Maintain FOSS license compliance
    • What Is License Compliance?
    • What Qualifies as Infringement?
    • License Compliance Enforcement
    • Consequences for License Infringement
    • Basic License Compliance
    • Inbound License Policies
    • Don’t Legislate. Automate.
  • Sustain. Maintain. Retain.
    • Sustainability Is a Business Matter
    • FOSS Sustainability
    • What Your Company Can Do About It
• Outbound (Contributing to and Releasing) FOSS
  • Outbound FOSS
    • Intro
    • What is outbound FOSS?
    • Outbound impacts the entire business org
    • Outbound isn’t limited to code
    • Outbound IP Policies and Procedures (P&P)
    • Outro/transition to next chapter
  • Outbound FOSS in Your Corporate Strategy
    • Intro
    • How Outbound Contributions Can Benefit Your Strategy
    • How Releasing FOSS Can Benefit Your Strategy
    • Risks of Outbound
    • Government Regulations
    • Transition to next chapter
  • Contribute to FOSS
    • Intro
    • Contributions Sustain FOSS
    • Types of Contributions
    • Downstream vs. Upstream
    • Intellectual property impacts
    • CLA/DCO
    • Establishing a Corporate FOSS Contribution Policy
    • Establishing a Corporate FOSS Maintenance Fund
    • Tracking company contributions
    • Corporate contribution metrics
    • Building this into the employment agreement
    • Transition to next chapter
  • Strategy of Releasing FOSS
    • Intro
    • Why release a project?
    • Expected outcomes
    • Plan for follow through
    • Is the project ready to release?
    • Strategic moves
  • Releasing FOSS Projects
    • Naming things is hard
    • IP considerations
    • Trademarks
    • Pay attention to government regulations
    • Sidebar - Export regulations
    • Maintenance & community management
    • What is a fork & why should you avoid one?
    • Where to release?
    • Hand to a foundation?
    • Document everything
    • Licensing the project
    • Pre-release checks
    • The release itself
    • Releasing non-software
    • Forking
    • Throw it over the wall
  • Business Models for FOSS
    • Intro
    • Business models
    • Selling open source products
    • Open Core