Role of Risk Management

Nicholas Wells

Thursday, July 15th, 2004

Share This:

Recently, a company named Open Source Risk Management (OSRM, located at http://www.osriskmanagement.com) conducted an extensive review of the Linux 2.4 and 2.6 kernels and concluded that the kernels contain no copyrighted code. With their review complete, the company is now offering indemnification for legal costs associated with open source software, at a rate of $30,000 for $1 million of coverage.

While some have accused OSRM of building on fears generated by SCO to sell a product that no one really needs — in effect soiling the purity of Linux with excess commercial baggage — OSRM’s insurance is a product that’s needed and its arrival is a sign of the maturity of Linux. Headed by Yale-educated attorney Daniel Egger, a venture capitalist, OSRM is working with open source leaders, as well as Global 500 CIOs, to remove a serious, but less-discussed obstacle to the adoption of Linux and other open source technologies: risk management.

Previously, if a far-thinking (or paranoid) CIO had questioned his or her IT staff about legal liabilities surrounding the use of Linux, the responses would likely have been a shrug and a convinced (albeit erroneous) “that can’t happen.” Now, whatever the outcome of SCO v. IBM, the case has caused users to set aside Pollyanna views about Linux, sparking concerns about trade secrets, security hazards, errors and omissions, infringement of copyrights, trademarks, and patents.

To be sure, these concerns aren’t limited solely to Linux. A business must limit its risk and liability…

1. Claws Mail: Mail with Attitude
2. IE8 vs. Firefox: Four Things Firefox Could Learn from IE
3. Vimperator: Use Firefox the Vim Way
4. Customize Chrome for Better Browsing
5. Jetpack Gearing Up for Production: Look Out Chrome?