Open source software provides organizations with a community-developed, inexpensive alternative to commercial products. Many enterprises have turned to open source solutions, particularly embracing the use of Linux operating systems, Apache web servers and MySQL databases. In a recent RSA presentation, security professionals from Urbane Security proposed a PCI DSS compliance model composed of open source solutions.

The argument for open source is straightforward – you don’t need to pay license fees for the software you use and the applications are community-driven. If you’d like a new feature, you can develop it yourself. The counterargument to the open source approach is that installing and configuring open source software can be tricky and time-consuming. Depending upon the product, support options may be limited to community discussion forums or require the payment of a premium support fee.

Read more: Can open source solve PCI compliance problems?

Published June 1, 2014 on SearchSecurity.com