Statement to California Performance Review



Similar documents
Open Source Software: Recent Developments and Public Policy Implications. World Information Technology and Services Alliance

Vendor Focus for IBM Global Services: Consulting Services for Cloud Computing

Some Specific Parawise Suggestinons. 2. An application which collects and analyzes this data for further consolidation and,

Microsoft & Open Source Software

Position Statement on Electronic Voting

Testimony before the House Insurance Committee: Public Adjusters. Presented by: Jack Yanosky, Director Bureau of Licensing and Enforcement

Security Through Transparency: An Open Source Approach to Physical Security

Chapter 4: Key Conclusions from the Evaluation of the Current Washington Tax Structure

SECURITY METRICS: MEASUREMENTS TO SUPPORT THE CONTINUED DEVELOPMENT OF INFORMATION SECURITY TECHNOLOGY

AUDIT REPORT. Follow-up on the Department of Energy's Acquisition and Maintenance of Software Licenses

Datamation. Find the Right Cloud Computing Solution. Executive Brief. In This Paper

Touch Points Touch Points Step 1 Spend Areas Step 2 Creating and Developing a Sourcing Team Executive Sponsorship

GOVERNMENT DATA RIGHTS CHALLENGES:

TBR. Rugged PCs: Providing value through reliability. A Technology Business Research Inc. study conducted for Panasonic.

The Value of Oracle Database Appliance (ODA) for ISVs

Cloud based Contact Center: Does it Make Sense for Your Business?

Statement of the U.S. Chamber of Commerce

UNITED NATIONS COMMISSION ON SCIENCE AND TECHNOLOGY FOR DEVELOPMENT (CSTD)

Total Cost of Ownership and Return On Investment Financial Benefits of Our Software Solutions

POINT OF VIEW. The Critical Role of Networking in Enterprise Resource Planning. Introduction

Prepared by the Commission on Environment & Energy

SECURITY CONSIDERATIONS FOR LAW FIRMS

COMESA Guidelines on Free and Open Source Software (FOSS)

How To Secure An Rsa Authentication Agent

The 5 Questions You Need to Ask Before Selecting a Business Intelligence Vendor. Share With Us!

Open Data Center Alliance Usage: Provider Assurance Rev. 1.1

Global Headquarters: 5 Speen Street Framingham, MA USA P F

Lawson Healthcare Solutions Optimization of Key Resources Forms a Foundation for Excellent Patient Care

THE HUMAN FACTOR AT THE CORE OF FEDERAL CYBERSECURITY

Rating Methodology for Domestic Life Insurance Companies

Mr Duisenberg discusses the role of capital markets and financing in the euro area Speech by Willem F Duisenberg, President of the European Central

Claims Paying Ability Ratings for General Insurance Companies

Managing Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services

SORTING OUT YOUR SIEM STRATEGY:

Internal Revenue Service

10 Steps to Establishing an Effective Retention Policy

Beyond the Hype: Advanced Persistent Threats

Opportunities in credit higher quality high-yield bonds

Executive Summary. Cybersecurity cannot be completely solved, and will remain a risk we must actively manage.

Microsoft s Open CloudServer

TO OUR SHAREHOLDERS A MESSAGE FROM THE CEO. shareholders equity ratio and ROE both rose to over 10%.

Sorting out SIEM strategy Five step guide to full security information visibility and controlled threat management

Best Practices. for Treasury, Agency Debt, and Agency Mortgage- Backed Securities Markets. Revised November 2012

September 30, Re: Request for Information Regarding Expanding Access to Credit Through Online Marketplace Lending

Dean C. Garfield President & CEO, Information Technology Industry Council (ITI) Committee on Energy and Commerce

Eliminating Double Taxation through Corporate Integration

Open Source Voting Systems

Zone Labs Integrity Smarter Enterprise Security

What is Intellectual Capital?

Network Intrusion Prevention Systems Justification and ROI

Supplier s Guide. A guide for identifying business opportunities

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions

HANDOUTS Property Taxation Review Committee

How To Use $250 Million Of Settlement Money For Housing In Florida

IBM Software Universal Health Identifiers: Issues and Requirements for Successful Patient Information Exchange

CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY

E-Guide. Sponsored By:

COUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide

by David Hebert, Managing Director, Oracle Applications, Answerthink and Dr. David Oppenheim, Director, Delivery Services, Answerthink

REMOVING THE BARRIERS FOR DATA CENTRE AUTOMATION

Video Conferencing: A TCO Analysis

Application White Listing and Privilege Management: Picking Up Where Antivirus Leaves Off

How To Test For Security On A Network Without Being Hacked

2. OVERVIEW OF THE PRIVATE INFRASTRUCTURE

Strategy and Performance Management in the Government

CITY OF BOULDER IT GOVERNANCE AND DECISION-MAKING STRUCTURE. (Approved May 2011)

HP Security Solutions for Microsoft

ADVANTAGES OF IMPLEMENTING A DATA WAREHOUSE DURING AN ERP UPGRADE

10 Best Practices in Printer Fleet Management

Open Source Telephony. for Government

Transcription:

Statement to the California Performance Review Presented by: Roxanne Gould Senior Vice President AeA (American Electronics Association) August 27, 2004 1

Madam Co-Chair Kozberg, Co-Chair Hauck, and other members of the CPR Commission, I want to thank you for giving AeA the opportunity to appear before you today to discuss the CPR Report and, in particular, the important issue of California s software procurement policy. AeA is the nation s largest high technology trade association, representing over 3,000 companies with 1.8 million employees. Our members include companies that create proprietary software, open source software (or OSS ), and software containing both proprietary and open source elements, as well as the hardware platforms such software runs on. We therefore appear today with great interest in California s software procurement policy, and hope that our experience and views will lend to the creation of a well-conceived policy that allows the market to pick winners and losers and that best serves the interests of California s citizens. Let me begin by emphasizing that we fully support the objective of the CPR to ensure the most efficient use of government resources to serve the people of California. We also agree that use of the best software in government systems can help secure such efficient use of 2

government resources. Moreover, we agree that both proprietary (or commercial) software and OSS are vital components of the software marketplace, and having choice among such a wide selection of software is vital to assuring important government procurement objectives. We have concerns, however, that the CPR Report s emphasis on OSS does not provide a balanced picture of the software marketplace and suggests an implied preference for OSS that could lead state agencies to make poor procurement decisions. The CPR Report assumes that OSS is a less costly alternative to commercial software. Yet, the best way to achieve the efficient use of state resources is through a highly competitive procurement process that seeks to obtain the best value for the taxpayers money. In determining the value of a particular software product, the State must consider Total Cost of Ownership. This concept comprises many elements, of which licensing fees typically constitute under ten percent. Other important factors include the costs of training, maintenance, repairs, and upgrades. It is not uncommon for the Total Cost of Ownership of a commercial software product to be less than that of an OSS-based alternative. 3

Moreover, the value of any software is determined by the quality of the product delivered to the end user. Qualitative components of value include reliability, functionality, security, availability, and interoperability. Thus, any cost/benefit analysis of a software product should include these qualitative considerations in addition to the various cost inputs that compose the Total Cost of Ownership. The CPR Report also suggests that open source software necessarily is more secure due to scrutiny given the source code before it is deployed. However, any information technology security expert will tell you that all software whether OSS or commercial faces security challenges. Only a combination of firewall, anti-virus protection, and timely installation of patches can provide a reasonable degree of security to any software program. Thus, the key is not just how many people review the code for initial vulnerabilities although commercial software makers also have many layers of eyes reviewing and testing their initial code but rather how security is approached holistically. There are many factors which impact the security of a technology, and how that software is licensed is of marginal important compared to the culture and competence of the specific developers 4

involved. Rather than blindly assuming one model is superior, each product needs to be evaluated on its own merits; not just to identify existing risks, but also to ensure proper systems are in place to mitigate those risks once deployed. Likewise, the Report highlights the advantages of software customization, without discussing its attendant pitfalls. The Report states that the openness of source code offers organizations the flexibility to modify the code as needed for specific uses. Although this feature may be beneficial in certain applications, in many contexts the alteration of source code carries the potential to significantly impede consistent system operability and functionality. Moreover, when performed incorrectly, customization may result in increased costs in the form of additional service and compromised security. Such vulnerabilities make IT systems less stable and reliable. Indeed, the past three decades have seen a movement toward greater standardization for the very purpose of avoiding the problems typically associated with customization. Again, this is not to suggest that customization is necessarily problematic. We simply emphasize that a technology-neutral procurement policy would favor 5

such characteristics only when they are consistent with the specific IT objective at hand. Finally, the Report ignores the incentives for innovation offered by the commercial software model. Over the years, software development has become a highly productive industry, generating billions of dollars in tax revenue for our country s state and federal treasuries. This success is due in no small part to the efforts of commercial software developers. By availing themselves of intellectual property protections, these developers realize appropriate incentives to continue the cycle of innovation. The assurance of an adequate revenue stream enables software companies to conduct the research and development necessary to continue to supply the market with reliable, tested, and secure products that meet consumer needs and demands. A procurement policy focused primarily or exclusively on initial licensing cost would subordinate these quality-oriented objectives to the sole interest of offering the lowest sticker price. Such a system would stifle innovation over the long term, undermining the industry s ability to continue to provide the increases in productivity that have become its hallmark. 6

As in any commercial environment, the market will achieve optimum efficiency when it is allowed to function on the basis of free and open competition. Any preference for a particular development or licensing model will only impede that objective by favoring certain products without regard to whether the market would choose a more efficient alternative. And, make no mistake: We have serious concerns that, by suggesting that state agencies broadly may benefit from using software developed under the open source method of development, the CPR Report expresses a distinct preference and encourages decisions not based on objective criteria. By contrast, a competitive, merit-based and technology-neutral procurement system will yield efficient results on a consistent basis. Under such a system, open source software may still be acquired and used where its overall value exceeds that of its competitors, while commercial software will not be excluded when it offers a greater overall value. In closing, the AeA urges the Commission and the State of California to consider the benefits, both to the government and to its citizens, of a technology-neutral software procurement policy. The State and the people will be best served by a system that allows for 7

maximum competition and the broadest possible spectrum of choices. That is all the AeA seeks. Thank you. 8

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information