Overcoming the Pains of Supporting Open Source Software

Most of us know and use open source software (OSS) for its numerous benefits – cost savings, flexibility, freedom, security and accountability. Moreover, OSS has long-term viability, as it’s created and supported by a world-wide community of organizers and developers.

It’s easy to see why Open Source is highly appealing. However, OSS has been said to be “’free’ as in kittens.” The major pains of supporting Open Source Software is that it requires constant upkeep: maintenance, configuration and on-going support.

With the shift to OSS, several new challenges have presented themselves to our clients with regards to supporting open source software. Our maintenance team has categorized pain points into three areas and outlined methods to overcome open source software support concerns.

Managing multiple OSS providers.

This is a common pain point if you use and self-manage several different types of open source software. We like to think of this as the “DIY downside” of OSS. Having to regularly check compliance, version updates, community news and maintenance suggestions for multiple software packages can quickly become complex and overwhelming.

How do you overcome this?

Partner with a support service provider that has a similar OSS support platform as your hardware stack. Look for service features such as the ability to:

  • Assist with problem and resolution determination for a wide range of OSS
  • Provide Level 1 and 2 support, 7×24
  • Feature one phone number to call for all OSS types
  • Have one contract for all OSS needs

Hiring specific OSS consultants.

For most companies, hiring a specific consultant to support each OSS is simply too expensive.

How do you overcome this?

Don’t take on additional staff to support each OSS. You can benefit from an OSS support partner’s expertise in a wide range of packages, specific project knowledge and usually, save money in the process. Additionally, a proficient IT asset management partner should be able to provide consultative support for the environment around the OSS package.

Relying on communities and forums for supporting Open Source Software.

Community support is one of the awesome benefits of OSS. However, mining through support communities for an answer while a system outage is going on is not fun. Even when you aren’t in crunch-mode, spending valuable time looking through support communities is time consuming and can lead down rabbit holes.

How do you overcome this?

Treat your open source software like you treat the rest of your enterprise technology environment by having around the clock support in place. By partnering with a world-class support team, you should have guaranteed service level agreements that help create an “always on” environment. This translates into reduced downtime and helps save money.

VSS and IBM have adapted an award winning Multi-Vendor Portfolio Management and Maintenance Service Model to now provide end-to-end enterprise class support for your ecosystem – including Open Source Software.

Take advantage of World Class support with one, single source provider, guaranteed service level agreements and competitive pricing.

Contact our maintenance services team to talk about open source software.

Throw off the False Sense of Security Blanket

Throw off the False Sense of Security Blanket

Despite spending a substantive amount on enterprise security tools and experts every year, some CIOs and CISOs remain unsatisfied with the state of their organization’s security posture.

This disconnect seems to go hand-in-hand with an absence of central or holistic approach that takes into consideration all the people, processes and technology within the organization. Critical security management tends to fall to admins who deploy and interpret findings to the best of their abilities, but from a bottom-up approach rather than a top-down perspective.

Enterprise Security Tools

Gaining the Right Perspective

Threats, vulnerabilities, risks, security policies, compliance and consequences are all discussed within the context of any proposed enterprise security tool. A typical well-protected organization will have separate tools for application, data, network, endpoint, and mobile device management. Each tool will have its own set of admins, who will create their own set of security policies and rules, providing their own set of vulnerabilities, risk scores and consequences. This approach neglects the need for a central interface to aggregate the inputs to these tools such as security policies of the organization or aggregate the outputs of these tools such as offenses, vulnerabilities and risk scores. More recently, SIEM tools like IBM’s QRadarTM have taken an integrated approach and have started to address this integration and API capabilities to tie things together. Some SIEM platforms still leave a lot to be desired.

On their own, integrated enterprise security tools suffer from a lack of organizational context in the findings and offenses. The Security Management Services from VSS build upon those capabilities and provide CIOs and CISOs an organization-specific perspective; not from a “tool-up” view, but rather from an organizational view down to the tool, ensuring business needs and goals are met.

Focus on the Critical Areas

An organization, like a living organism, has its unique vulnerabilities specific to each critical functioning area.  The majority of today’s security tools do a good job focusing on securing a unique operation within the organization, but in doing so, can give a false sense of security that the entire organism is safe and healthy. Just like any healthy organism can fall prey to single humble virus, a very well-protected organization can be exploited by previously unknown threats. The emergence of new hazards like phishing, ransomware and the continued breach of respected and well-protected organizations is a testament to this now-familiar phenomenon. Today’s threats demand a fresh approach; an approach based on security management processes; focused on the people, processes and technology of an organization.

Security Management Services by VSS help make this happen by treating applications as a “composite asset”, or an asset comprised of more than one asset. Our security professionals help CISOs gather information about applications that need to be protected. We also track the internal team members who are responsible for using and managing these applications.

With VSS Managed Security Services, clients can expect:

Strategic Planning and Roadmap

We meet with executive leadership to capture the security management vision and goals of the organization. Based on this input, VSS proposes a phased, strategic roadmap with clear milestones and KPIs to measure progress. Transparency is maintained through scheduled annual, quarterly and monthly reviews, allowing all parties to assess the current state of security, and set goals for upcoming periods to mitigate risk and ensure compliance. Reviews cover:

  • Scope to ensure all assets are included
  • Asset vulnerabilities to identify and assign risk
  • Security policies to confirm and ensure compliance

Information Risk and Protection

Information Risk and Protection activities are ongoing. This includes:

  • Vulnerability testing and risk assessment
  • Security policy formulation and compliance
  • Application security reviews
  • QRadar log and flow expansion

Security Operations and Response

Our Security Operations Center offers 24x7x365 monitoring of the endpoints, networks, applications, and systems. This results in ongoing refinement of the security policies and the incident response plan.

Security Tools – Administration and Monitoring

Our team of Systems Administrators and Operators ensure that all security tools are working around the clock. This eliminates the need for our clients to hire expensive security resources to maintain their security investments.

Ready to take the first step in evaluating your organization’s enterprise security tools?

Contact our Security team to determine a holistic approach to security that takes into consideration the people, processes and technology that are involved in running your organization.

Throw off the False Sense of Security Blanket

Three Reasons to Rethink Your IT Maintenance Support

When hardware goes down, nothing is more infuriating than leading multiple vendors through a round of the blame game!

Now, let’s have a moment of silence for all the valuable minutes lost chasing manufacturer contacts down.

Maintenance Q1 - Blog Image

The new year lets us shine a light on how we approach support IT asset maintenance. From simple break-fix support to concise managed service capabilities, having the right technical team in place can not only reduce overall costs, but facilitate a positive return on investment and performance results on your networking, software, storage and systems.

Other IT professionals are thinking big picture when it comes to technical support. Have you considered how these stats might affect your organization?

  1. Bigger Business Stakes. As tech’s reach grows, so does the scale of its impact.
    • The average annual cost of downtime to organizations can be up to 16 million USD[1].
    • Gartner forecasts that connected things worldwide will reach 20.8B by 2020, creating a vast network of vulnerabilities[2].

More people and devices are connected than ever before, meaning IT is more involved throughout your business. This increased interconnectedness means that even a small incident can lead to significant downtime and costs. Conversely, preventing these incidents can give your organization a competitive edge.

  1. More Diverse Change to Manage. Get a handle on it now.
    • Over the next three years, 86 percent of IT and business executives expect the pace of technology change to increase rapidly or at an unprecedented rate[3].
    • By 2017, more than 50 percent of organizations’ IT spending will be for third-platform technologies, solutions and services[4].

Whether you’re updating aging infrastructure, adopting mobile and cognitive solutions, or expanding your business into new marketplace segments because of mergers or acquisitions, change isn’t easy—especially with limited capital budgets. You need quality support to help navigate change without disruption in a heterogeneous IT environment.

  1. Broader Support Options. Remember to KISS, things don’t have to get more complex.
    • Nine out of ten IT professionals have current or planned technical support contracts for three or more devices[5], resulting in support across their infrastructure.
    • Over half of IT professionals are using six or more vendors to support multiple devices[6], adding new complexity to their support.

Wrangling multiple warranty and maintenance service providers is hard work and can increase risk. These challenges become even more difficult to manage while trying to address new technology needs, manage costs and bridge the talent gap in your organization. Add it all together, and, suddenly, your time and support seem alarmingly slim.

Portfolio management and maintenance can be a bear for IT leaders. What are your biggest technical support hurdles? Share with us in the comments.

[1] 1 Veeam, 2016 Veeam Availability Report: How to Close a Widening Availability Gap, February 2016.

[2] Gartner, “Gartner Says 6.4 Billion Connected ‘Things’ Will Be in Use in 2016, Up 30 Percent from 2015,” press release, November, 2015.

[3] Accenture, Accenture Technology Vision 2016—People First: The Primacy of People in a Digital Age, August 2016.

[4] IDC, IDC FutureScape: Worldwide IT Industry 2016 Predictions—Leading Digital Transformation to Scale, Document No. 259850, November 2015.

[5] IBM, Technical Support Services Thought Leadership Study, August 2016.

[6] Ibid