Six Major Risks of Open Source Phone Systems
It’s that time of the year again, budgets are being finalized and you just got the dreaded email saying you need to find a way to cut 10% off your IT budget. You run through the usual opportunities; conferences, travel, training, coffee service, your phone system—well that last one’s probably not on your short list. However, that does show up on a lot of IT leaders’ radars as a cost cutting opportunity.
Unfortunately, the conversation is generally short-sighted and organizations rarely have a true picture of the costs of a phone system. So, many companies look to open source phone system options as alternatives to more established systems that typically have “sticker prices.” On the surface, open source systems have a reputation for being famously inexpensive. Start with a little bit of know-how, add some IP phones and you’re in business, right?
If only it were that simple.
The up-front costs of an open source phone system might be slim to none, but the more you dig, the more you find costs – and risks – popping up down the road. So before you take the open source plunge on the promise of magical cost savings, be sure you consider these six factors – and the potential costs associated with them.
To clarify, when we say "open source phone systems," we're taking about true open source phone systems, where the entire source code is openly available to anyone online who can take it and use it to build their own phone system. We're not talking about proprietary phone systems, even if those proprietary phone systems offer lots of compatibility and interoperability with third-party technology, like the phone systems we offer at Mitel.
Whether an open source phone system is right for you or not, it’s important to fully understand the risks to make an informed decision that won’t come back to bite you down the road.
With an open source phone system, your IT team will need to have a more-than-advanced knowledge of how to install and configure all the necessary components to bring the system to life.
Unless you are going with a managed services option, your team will need to deal with servers, operating systems, open source software, and network configuration. Getting all of these things right isn’t easy, especially when you are trying to do it on your own from community-developed install and administration guides.
Managed services providers are companies that have seen a business opportunity to take on the management of the open source products for you. The problem with this is that you are simply paying someone else to manage your risk for you. The risk did not go away, and the possibility of incurring an unexpected expense for support has increased exponentially.
Support will always be a challenge with any type of open source platform, and open source phone systems are no exception.
Their most common flaw is the community, and not all communities are created equally. You are at the mercy of the IT professionals that are willing to take the time to share their knowledge of how things work in their environment. Often times you will be pointed to random support forums and information websites that are put together by the community.
How do you know if the answer you saw on the forum will fix your issue or make it worse? You don’t know.
No one is held responsible for putting out correct information about how the product works.
The “trick” to fix today’s issue might unravel into a larger issue the next time you apply an update to the OS on your server, a security patch to the application, or any change for that matter.
You have to trust that they told you the correct solution to your problem and it will continue to work in the future.
3. Product roadmap
In the open source community, you can typically find very little information on the exact direction a product set is headed. Sometimes these open source products disrupt the marketplace and push proprietary software vendors to advance their products, but most times, they lag behind the rest of the industry.
Vendors of proprietary technology spend hundreds of millions of dollars on research and development activities to push their products forward, as well as the underlying technologies that run those products.
Customers, boards, shareholders and more hold software and hardware vendors accountable for the direction their product sets are going. The open source community, however, typically responds to the loudest voice in the room—and not necessarily the one that creates the most value.
That feature you love? That process you use? With open source software, it could suddenly be sunset or go unsupported in future releases.
Working with a proprietary software vendor, you can rest assured they will be able to recommend a solution, because they simply know how their products are being used and the direction they are going in the future.
The age-old argument for using an open source phone system is that you can customize it in any way you see fit. You can integrate it with almost anything you can dream of. It sounds a little too good to be true, and it is.
Sure, you can customize to your heart’s content, but when you do, you just became a software developer. Is that the focus of your IT team?
Can you keep up with the necessary development cycles and cost to just keep it running? Probably not in your budget-cutting plans.
If you’ve been in IT long enough, you’ve heard someone say, “it worked with the last version, but not with this upgrade.” Working with a turnkey solution, your customization opportunities are limited, but supported. You will never be left out in the cold to figure it out yourself.
When you take an honest look at the customization needs of your business, you’ll most likely uncover that many needs are actually wants. And there’s a good chance you can save more money simply redesigning a business process than it would cost to support those customization wants.
The number one and two arguments I’ve heard for going with any open source product are the licensing cost and length of licensing agreement terms. Often, these open source phone systems are free or only cost a few hundreds of dollars to license.
But open source licenses typically include only the bare minimum
Costs for support, installation, customization – even the additional talent or skills required to get open source systems running and keep them running – can quickly add up.
On the other hand, most the things I’ve touched on so far are typically wrapped into the cost of licensing for turnkey software. You know what you are getting from the product when you pay the licensing fees. It’s all very up-front and transparent, while the costs of an open source system tend to be unplanned surprises.
Regardless of the term limit on your contract with a proprietary software vendor, you are just as committed to them as you are with an open source product.
From a legal standpoint, you can certainly walk away today from your open source product and use something else, but you still have to deal with migrating to a new phone system. Switching systems is not something you can do overnight—it will likely take you just as long as the term limit on your contract. Free licenses are simply the bait to get you on the hook for using their software.
The source code for the application lives up to its—namesake, open.
Anyone with a computer and a little time can simply download the same source files you did and dig through them for vulnerabilities.
They can even test out their hacks in real time to see if they work before they deploy them on an unsuspecting company. I don't want to over emphasize this to the point that it sounds too doom-and-gloom, but it's the reality of the situation.
This is not to say that proprietary software solutions are not vulnerable to security issues—security is a continuum, not a yes-or-no situation. But I would rather rely on the vendor that created the software, their development processes, their teams, and their contractual obligations that their software has been thoroughly tested for security flaws and all steps have been taken to mitigate these risk.
This again points to your willingness, or lack there of, to put your faith in the community of people that are checking the open source software for security flaws.
Understanding the true costs
Open source phone systems are very attractive to cost-conscious IT leaders. And for companies that truly know what they’re getting into and have the resources to support those systems, they may be a good option.
But be careful of how you define cost when evaluating open source phone systems.
You are likely to end up paying significantly more for that open source phone system (which promised you the cheaper price tag) than you would have if you went with a turnkey solution from commercially proven phone system provider.