Only 20% of corporate OSS users manage components

Only about 20 percent of companies using open source components have lock down controls and fewer than 50 percent have corporate policies in place to manage component usage, according to a study of 2500 developers released by component repository vendor Sonatype
Written by Paula Rooney, Contributor

Less than one quarter of all corporations that use open source components manage them effectively but management is growing.

Based on a recent survey of about 2,500 developers released by Sonatype today, roughly 20 percent, or 500 respondents, said they were locked down and could only use corporate-approved components, compared to 13 percent in a similar but smaller survey performed a year ago.

Fewer than 50 percent -- 49 percent -- indicated they had a corporate policy in place and 63 percent acknowledged that corporate standards are not enforced or there are none in place. But that's still up from last year's survey, in which almost 90 percent said there were no corporate policies at all.

Use of open source components continues to rise. According to Sonatype, which markets a repository for managing components, about 80 percent of the survey respondents use open source tools,. about 50 percent have embraced an open source development infrastructure stack and more than 65 percent contribute to open source projects,.

"Key to modern development practices is the use of open source components to build mission critical applications," the company said in a statement today listing the findings. "While reliance ..increases ... limitations on the visibility, control and management of their use throughout the enterprise continues to plague organizations."

Editorial standards