Along my five years worth of learning new technologies and self study I have always been quite intrigued by the open source community. It has always amazed me what small groups or even single developers were able to accomplish. Tools, web apps with fully integrated features. I understand how difficult it must be for these developers to invest time into a project that they hardly get compensated for. I try to help out where I can with some of these projects that I feel comfortable with. Although these technologies are great many devs tend to leave or stop supporting projects just because they don’t feel like it is worth upholding such a commitment when they aren’t compensated accordingly. This can cause disruption between the people that use the programs and their use cases. Sometimes these devs release their ownership of a repository to others to manage.
After covering some issues with open source software/code I would now like to talk about what is great with open source communities. Some of the best tools/software/self study labs I have ever done were because of these open source repositories. I believe that self studying new technology is what makes me different than other in my field. I experience, test, and troubleshoot issues that some of these programs. Many businesses have at least a single service that runs off of a open source program, whether they realize it or not. We can’t forget about the cost. Many of these open source programs have paid features or paid support but is not required to pay for a subscription or licensing. As a result usually running open source software is cheaper than buying closed source licenses for the same task. Another great benefit is that if one does not like the way that a dev implemented features or coded something. They can can change specific parts and modify exactly what is necessary for their needs and reupload it while giving the proper citations of original author’s work. This also promotes security because everyone who may use the program, modify the program, or interact with it can see the code that was written to make this application. With hundreds if not thousands of individuals seeing the code written. If there seems to be a security issue it will be spread very quickly amongst the community and patched as quickly as possible. It is kind of like a checks and balances between the developer/s and the community.
As anyone in IT knows, there are some things that simply do not work all that well and is recommended to “trust” a third party with a service. Now I don’t like trusting anyone else or a corporation to do the task that is necessary for me but it has to be done in certain scenarios. For example, mail servers are usually now being deployed via Azure for a hybrid server situation because Microsoft simply is making it harder with each update to host an onsite Exchange server. Most will end up opting in for the hybrid exchange server than building an open source mail server because that would require a company to hire another IT professional to even manage and secure that server. It does not make any sense to build and manage an email server in the past 5 years. It is now considered an idea of the past.
So what services do I believe should be used in a small business?
- Firewalls- PFSense/OPNSense
- VPNs- OpenVPN/Wiregaurd
- Storage Servers-TrueNAS/Nextcloud
- Virtualization/Containerization- ProxMox/Docker/Kubernetes