Trends in Corporate Open Source Engagement

Nithya RuffIn 1998, I was part of SGI when we started moving to open source and open standards, after having been a long-time proprietary company. Since then, other companies also have moved rapidly to working with open source, and the use and adoption of open source technologies has skyrocketed over the past few years. Today company involvement in open source technologies is fairly mature and can be seen in the following trends:

Open source no longer only optional

I will start by making a bold statement that all companies are using open source—ok, almost all. Some say that we live in a post-proprietary era, one in which there is open source mixed with proprietary in almost all areas of technology. According to the 2016 Future of Open Source Survey done by Black Duck and Northbridge, only 3% of respondents say they don't use any. Whether in their data centers, development tools, or to take products to market faster, open source software is used by most companies. Even financial services and healthcare companies are calling themselves technology companies first and delivering financial or other services second. Capital One and Goldman Sachs, for example, have large development teams that customize open source software to deploy new services. Many of these companies actively contribute open source code and start new projects to disrupt or create new markets. For example, Facebook has contributed more than 400 production-hardened projects, such as React, for others to use.

Open source as a platform for innovation

Open source helps lead innovation in many markets. Gartner's Hype Cycle for Open Source Software (2016) explains how IT departments are using open source today not just for cost savings, but increasingly for innovation. Gone are the days when open source lagged behind proprietary products in function and quality. In many areas, such as cloud, big data, machine learning, and DevOps, open source is on the cutting edge of innovation. Many companies choose to start new projects as open source rather than using proprietary methods. Adopting innovative technologies often means working with open source projects, such as the Hadoop ecosystem, OpenStack, Docker, Puppet, Kubernetes, and more.

Changing business models

Open source business models used to be predominantly subscription-based or freemium models (a free base version and upgrade charges for the premium version). Many Web 2.0 and SaaS companies are using advertising and service revenue models, and leveraging open source to build their infrastructure rather than to sell as a product. Instead of monetizing the software itself, companies developing and using open source software—such as Netflix, Facebook, and Google—can bring in revenue by using the software to deliver services.

Open source offices

Many companies are investing in open source offices that manage all aspects of the open source process, compliance, education, communication, and strategy for their companies. For example, I was the first open source strategy officer for SanDisk in 2014, after we realized that we needed to get strategic about how we used and engaged with open source technologies and communities. Serving as centers of competence and expertise, these offices work with developers to mentor and support them to be productive using open source solutions. They minimize the friction and time spent in compliance so developers can hit the ground running with open source. Open source offices also advise business leaders on how to engage and think about open platforms, business models, ecosystem building, and community engagement even before products are built. They work with legal teams to ensure that there is a robust and scalable open source compliance process in the company. You can learn about open source program and strategy offices at

Collaborative culture and innersourcing

Innersourcing, a term coined by Tim O'Reilly many years ago, describes companies adopting the collaborative and open development methodologies of open source inside the company. Innersourcing starts with changing the culture to one of sharing, collaborating on common projects, contributing to projects across the company, and using open and transparent tools and processes. Tools such as GitHub, Jira, and Jenkins have played a big role in helping teams work better together. Companies such as PayPal and Autodesk are proponents of this approach and see this as helping to cut duplication of code, priority inversion, enabling skills development, and to stage projects prior to open sourcing. (Learn more at the InnerSource Commons page on GitHub.)

Open source recruiting and culture

As search for tech talent becomes competitive, companies see open source as a way to build an innovation brand and to help attract the right talent to the company. One element of this is contributing code and projects to the community, which showcases the cool work that the company does and creates a pool of contributors from which to recruit. Because these developers are already knowledgeable about the project, the onboarding process becomes easier. Visibility of companies in leading and cutting-edge projects adds to the company's reputation and allows prospective employees to seek out the company. Companies are also working hard to change their practices and IT infrastructure to retain talent. Support for IT tools used by open source software developers— such as Git, IRC, Slack—support for personal contributions, and supporting types of consulting engagements helps companies keep open source talent. (Learn more about what companies are doing to retain talent in the 2016 Open Source Jobs Report.)

Diversity and inclusion

The tech industry is grappling with the lack of diversity within companies and in open source communities. Companies and communities are becoming more aware of the benefits of diversity, and there is an increasing willingness to invest within companies and cross-industry to help improve the situation. Open source foundations have become a great place for companies to work collaboratively on this problem. For example, the OpenStack Foundation's Women of OpenStack (WOO) supports training and onboarding, and acts as a support organization for women and people new to OpenStack.

Outreachy does a wonderful job of giving women and under-represented minorities a chance to work in open source projects with mentors and a support system. Their efforts help create an on-ramp to participation in open source for many people who are new to open source communities. In 2015, Red Hat launched its annual Women in Open Source Award, which recognizes influential leaders. Both of these initiatives are great examples of efforts to build an inclusive environment around open source.


After the publicity around HeartBleed and other exploits, the focus on open source security has increased. Because of the sheer volume of code used in mission-critical infrastructure and that open source fuels the move to cloud, security remains front and center for companies. There is more corporate investment in making sure that key projects, such as OpenSSL, are funded and cared for through initiatives. Compliance companies like Black Duck are also offering vulnerability scanning as part of their tools and services, and companies are paying attention to security patching, provenance, and versions used in their projects.


Although we think primarily of open source as a community-driven effort, key members of that community are companies and their employees. Whether contributing to the project, sponsoring events, or leading cross-industry initiatives, they are enabling the broader use of open source in all parts of the economy. Companies take compliance and community relationships seriously and want to see the open source movement succeed. By working together, organizations and communities can continue to fuel the amazing momentum of open source.

To learn more about trends in corporate engagement with open source, attend Nithya's talk at LinuxCon in Toronto on Monday, August 22nd.

Time to Choose: Are You Investing in Open Source or Not? was authored by Nithya Ruff and published in It is being republished by Open Health News under the terms of the Creative Commons Attribution-ShareAlike 4.0 International License (CC BY-SA 4.0). The original copy of the article can be found here.