recommended reading

Agencies see advantages to open source content management systems

Many people were terrified when the Commerce Department first considered moving to an open source content management system for its main website, the agency's new media director said Thursday. made the transition in mid-2010 to a CMS from Drupal -- among the most popular open source communities worldwide. Many other federal sites have moved to Drupal during the past three years, including and

Open source software was typically built for a specific purpose, but designers made its underlying code generally available as a public service. The White House, for instance, has published the code for many of its transparency initiatives.

"When we first mentioned [transitioning] here at Commerce, people freaked out," New Media Director Mike Kruger said. "Not because there were specific concerns, but because the idea of open source was that it was run amok, that it could be anything, that it could be some hacker in a basement that built this thing."

As officials became more familiar with open source systems, their security and usability concerns diminished, Kruger said.

That's partly because Drupal and other open source systems let users see how many times a system has been adopted, he said, so there's typically a much broader performance record than with a company-built system.

Kruger was speaking at a Web presentation sponsored by Fierce Government, a government technology media company.

The government embarked on a massive Web reform effort in June that will likely involve significant restructuring of major agency websites and will force agencies to choose between open source and vendor-built management systems. The reform effort is aimed both at paring down the federal Web footprint, which had grown to nearly 2,000 top-level domains, and partly at making federal Web content easier to search and navigate.

The advantages of using an open source system, Kruger said, include having more control over your own data and content and significantly lower upfront costs.

"Drupal is free but it's free like a puppy is free," he said, noting ongoing maintenance and upkeep costs.

The downside to an open source CMS is that it requires significantly more work on the agency end, either by in-house coders or by vendors that manage the transition and maintenance.

"If you don't want to do any coding, this isn't the solution for you," he said.

The ability to include nearly anything in an open source system -- as opposed to relying on pared down, standardized offerings from a vendor -- also can lead to paralysis, he said, especially in a large organization where a lot of different divisions have an interest in what goes online. Or, if coders say yes too often, an agency could end up with an overstuffed site that does everything but not very well -- something the website reform effort is meant to avoid.

Threatwatch Alert

Network intrusion / Stolen credentials

85M User Accounts Compromised from Video-sharing Site Dailymotion

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.