Monday Jun 20, 2011

Le Logiciel Libre – Omniprésent dans le secteur public

NOTE : Cet article a servi de base à du contenu publié en juillet 2011 dans le magazine Acteurs Publics.



Créé il y a plusieurs décennies déjà, pour répondre à un besoin de partage de savoir, et de compétences, le Logiciel Libre existe sous plusieurs appellations, à l'origine anglo-saxonnes, dont « Free Software » et « Open Source » sont les plus utilisées. En Anglais, le mot « Free » pouvant signifier à la fois libre et gratuit, cela a créé une certaine confusion qui n'existe pas en Français avec le mot « libre ». Du coup, on voit souvent l’acronyme FOSS ou FLOSS, pour « Free, Libre, Open Source Software » afin d'éliminer l’ambiguïté.


De nos jours, dans le secteur public, le logiciel libre est, depuis, devenu omniprésent. Il répond à plusieurs besoins critiques dont le contrôle des coûts, le choix (de partenaire, de logiciel, de fonctionnalités), la liberté de pouvoir modifier les applications pour les adapter à ses propres besoins, la sécurité provenant du fait que de nombreux développeurs et utilisateurs ont pu contrôler la qualité du code. Un autre aspect très présent dans les logiciels libres et l'adhérence quasi-systématique aux standards de l'industrie, qui garantit une intégration simple et facile au système d'information existant.


Il y a cependant des éléments à prendre en compte lors des choix de logiciels libres stratégiques.


Si l'aspect coûts est clairement un élément de choix qui peut conduire aux logiciels libres, il est principalement dû au fait qu'un logiciel libre existe souvent en version gratuite, librement téléchargeable. Mais ceci n'est que le le sommet de l'iceberg. Lors de la mise en production de logiciels il va falloir s'entourer de services dont l'intégration, où les possibilités de choix d'un partenaire seront d'autant plus grandes que le logiciel choisi est populaire et connu, ce qui conduira à des coups tirés vers le bas grâce à une concurrence saine. Mais il faudra aussi prévoir le support technique. La encore, la popularité du logiciel choisi augmentera la palette de prestataires de support possible. Le choix devra se faire suivant des critères très solides, et en particulier la capacité à s'engager sur des niveaux de service, la disponibilité 24 heures sur 24, 7 jours sur 7 (le pays ne s’arrête pas de fonctionner le week-end ou la nuit), et, éventuellement, la couverture géographique correspondant aux métiers que l'on exerce (un pays comme la France couvrant avec ses DOM et ses TOM une grande partie des fuseaux horaires et zones géographiques de la planète).


La plus part des services publics, que ce soit éducation, santé, ou gouvernement, utilisent déjà des logiciels libres. On les retrouve coté infrastructure, avec des produits comme la base de données MySQL, fortement appréciée dans le monde de l'éducation pour construire des plate-formes d'e-éducation en conjonction avec d'autres produits libres tels Moodle, ou GlassFish, le serveur d'applications très prisé des développeurs pour son adhérence au standard Java EE version 6 et sa simplicité de mise-en-œuvre. Linux est extrêmement présent comme système d'exploitation libre dans le datacenter, mais aussi sur le poste de travail. On retrouve des outils de virtualisation tels Oracle VM, issu de Xen, dans le datacenter, et VirtualBox sur le poste du développeur.


Avec une telle palette de solutions et d'outils dans le monde du Logiciel libre, Oracle se apporte au secteur public des réponses ciblées, efficaces, aux besoins du marché, y compris en matière de support technique et qualité de service associée.

Wednesday May 25, 2011

Picking your open source vendor

There are many reasons that may drive your company, division or service to decide to implement open source solutions, products or technologies for your IT. That is more and more an easy decision. Open source is being used all over the world, businesses, and governments alike.

The tricky part is not deciding to use open source, but rather to select which products to use and which vendor and/or system integrator you get them from.

Here is a list of some of the criteria you will want to take into consideration when selecting your vendor.

  • Strong financials and staying power. You want the vendor you pick will still be there for the whole duration of your project. Selecting an open source solution helps in that if your vendor disappears from the market, you can still find expertise to support your system, but it's still much better if the vendor is there and keeps driving the product development the way you expect it.
  • Enterprise class support, with global reach. In particular, make sure the vendor / integrator you work with can support your operations at any time you are conducting them, and in every location you are. If your service runs 24x7 all over the globe, the last thing you want to hear is that support only works 9-to-5 in one single timezone. If your IT is deployed in a location around the globe from your main office, it should benefit from support there as well.
  • Strategic relationship between your service and your vendor. Your  service or business depends on your IT. Your vendor should be involved strategically with you. The vendor should understand not only your IT needs, but your business needs, so that when you express new specific requirements, they are properly taken into account by your vendor the way you expect them.
It's not easy picking an IT solution. In fact, these criteria are very similar for open source and for proprietary software. The difference is that with open source solutions, you get the option of selecting alternate sources for support, maintenance, and future evolutions of your software and the guaranty that if one vendor has issues you can fall back to another without exit costs. It's like all the benefits of dual-sourcing your vendors... but with just one product and no migrating from one product to the other when changing vendor sources.

Some things change... blue to red...

My Sun blog has now been migrated (and added chronologically - more or less completely) to my Oracle blog.

And I'm happy to note that the blog software used is now roller, the Apache blogging platform that we used in the Sun days. I find that sweet.

You probably want to update your RSS feeds, though, the old one remains active, it seems...

Welcome to the new world!



Saturday Dec 25, 2010

A Virtual(Box) Christmas!

[Read More]

Monday Nov 15, 2010

Oracle Solaris 11 Express is available!

[Read More]

Wednesday Nov 10, 2010

Welcome, Bienvenue!

[Read More]

Wednesday Apr 07, 2010

7 Strategic Reasons to Use Open Source

Great reading on open source and why to use it at : http://solutionsfit.com/blog/2010/04/06/7-reasons-to-use-open-source-software/

Tuesday Mar 30, 2010

Piedmont makes Open Source legal, and preferencial

Fantastic decision of the Piedmont Regional Council which makes Open Source preferential in the region.

Monday Mar 29, 2010

Gordon Brown on Open Source

Taken from Gordon Brown's speech on Building Britain's Digital Future, what he says about Open Source :

"And rather than civil servants being the sole authors and editors, we will unleash data and content to the community to turn into applications that meet genuine needs. This does not require large-scale government IT Infrastructure; the ‘open source’ technology that will make it happen is freely available. All that is required is the will and willingness of the centre to give up control.

This bold new approach will transform the way services are delivered but, more importantly, it will be the vehicle through which citizens will come to control the services that are so important to their lives and communities.
"

I like that a lot! When Gartner (I seem to recall) claims that Open Source is what drives the European public sector market, this is the perfect example.



Wednesday Mar 24, 2010

Why using social security numbers for something else than social security is bad...

I keep repeating around the world that using social security numbers for anything else than social security is a bad thing.

One of the reasons ID theft is so big in the USA is specifically because of that. Your SS number appears in so many communications you get from so many sources (why, for instance, would you need to give your SS number to your bank in order to open an account - do they expect to be responsible for deciding what money you get from social security?)...

This paper published some time ago explains how it is possible to predict SS numbers for a non negligeable number of US citizens using publicly available data... that should be one more (if not enough of a) reason to stop using SS numbers everywhere, like the US does.

Time to change that system... fast!

Zero day flaws?

OK... This is where I will attempt to educate a certain population of journalists about terminology.

I keep reading about impressive new zero day flaws that are present in this or that product... So for the record, I'd like to go over this once again...

The term "zero day" doesn't apply to faults, vulnerabilities, bugs or holes. It applies to attacks and exploits.

A "zero day" exploit / attack is one that is present on the day that a fault it leverages is disclosed. That's why they are called zero day. Because they appear on that day. Not 1, 2, 3 or more days after...

What would a "zero day fault" be? It would be one that is announced the day it is announced... pretty dumb if you want my take on it.

So could all those journalists in need of sensationalism stop using the term "zero day flaw" which means nothing, and concentrate on proper facts, and their correct naming?

We now return to our original programming...

Tuesday Mar 23, 2010

Test your web apps with Google's new Skipfish vulnerability scanner!

Google's just made available a beta (for some reason, all the cool stuff I use from Google is labled "beta" these days) version of Skipfish, their new fully automated, active web application security reconnaissance tool (I'm quoting their page on that last sentence).

Grab the baby here!

It's looking very good to test your own code... but seems to be VERY noisy, so don't use it to stealthily probe other people's sites... you WILL get detected. :) (Maybe that's a voluntary design goal to avoid criminals using it - I have no issue with it.)

About

gravax

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today