How to Raise Awareness of Your Company’s Open Source License Compliance
The Linux Foundation | 02 March 2017
Communication is one of the seven essential elements to ensure the success of open source license compliance activities. And it’s not enough to communicate compliance policies and processes with executive leadership, managers, engineers, and other employees. Companies must also develop external messaging for the developer communities of the open source projects they use in their products.
Below are some recommendations, based on The Linux Foundation’s e-book Open Source Compliance in the Enterprise, for some of the best ways to communicate open source license compliance both internally and externally.
Internal Communication
Companies need internal compliance communication to ensure that employees are aware of what is involved when they include open source in a commercial software portfolio. You also want to ensure that employees are educated about the company’s compliance policies, processes, and guidelines. Internal communications can take any of several forms:
-
Email communication providing executive support and of open source compliance activities
-
Formal training mandated for all employees working with open source software
-
Brown-bag open source and compliance seminars to bring additional compliance awareness and promote active discussion
-
An internal open source portal to host the company’s compliance policies and procedures, open source related publications and presentations, mailing lists, and a discussion forum related to open source and compliance
-
A company-wide open source newsletter, usually sent every other month or on quarterly basis, to raise awareness of open source compliance
External Communication
Companies also need external compliance communications to ensure that the open source community is aware of their efforts to meet the license obligations of the open source software they are using in their products.
External communications can take several forms:
• Website dedicated to distributing open source software for the purpose of compliance
• Outreach and support of open source organizations which help the company build relationships with open source organizations, understand the roles of these organizations, and contribute to their efforts where it makes sense
• Participation in open source events and conferences. This can be at various levels ranging from sponsoring an event, to contributing presentations and publications, or simply sending developers to attend and meet open source developers and foster new relationships with open source community members.
Read the other articles in this series:
The 7 Elements of an Open Source Management Program: Strategy and Process
The 7 Elements of an Open Source Management Program: Teams and Tools
How and Why to do Open Source Compliance Training at Your Company
Basic Rules to Streamline Open Source Compliance For Software Development
Similar Articles
Browse Categories
2023 Compliance and Security Cloud Computing Projects Linux How-To Diversity & Inclusion Open Source Open Source Best Practices 2022 Training and Certification Cross Technology LF Research 2024 Newsletter LFX AI Legal Linux Foundation Research Topic: Data Blog Linux Networking and Edge cybersecurity Cloud Native Computing Foundation Data Governance LF Energy Open Mainframe Open Models OpenChain System Administration Topic: Security Topic: Sustainability eBPF generative AI human capital kernel license compliance maintainer openssf techtalentsurvey