Public sector IT chiefs given go-ahead to use open source systems for security

Public sector IT chiefs have been told not to be scared of using open-source software to secure their systems.

Speaking at the government ICT conference in London Ian Levy, technical director at the Communication Electronics Security Group (CESG), said local authorities need to realise the organisation supports the deployment of non-proprietary software for security purposes.

He highlighted Bristol City Council as an example of one authority that had gone ahead with this approach, despite having originally believed it was prohibited from buying open source.

"They thought they had to use Novell or Microsoft and the CESG would not have supported its use of open source," Levy said on Tuesday.

On that occasion he stepped in to explain to the council there were no barriers in place against buying open-source technology.

"Software attracts security threats no matter what it is but the risk depends on how you manage them," Levy said.

"Apache is a great example of good open-source software organisations can use."

Levy said the public sector should wake up to the realities of how open-source technology is created to take advantage of its benefits.

He explained there was a world of difference between large open-source communities like the Apache Software Foundation, which have strong development teams behind them, and a developer creating open-source software in his living room.

Too often public sector officials confuse the two, he added.

In March last year, the coalition government promised to commit to open-source technology to cut public spending on government ICT where appropriate.

But while the government has claimed it is committed to the use of open source software, uptake of the software in the public sector has so far been slow.