India's MeitY released its formal Open-Source Software policy in 2015. A decade later, in 2025, the policy was tightened with a stronger preference clause. In 2026, every Central PSU and most state IT secretariats now have an explicit "open-source first" mandate in their procurement guidelines — yet the actual share of open-source in production government IT remains under 30%. The gap between policy and execution is the most expensive thing in Indian government IT today.
This article is for the IT Director, CIO, or CTO trying to actually move their estate toward open-source. Not the philosophical "why open-source matters" essay. The practical "how do I do this without losing my job" playbook.
Why open-source matters for Indian government, in real terms
- Source-code custody: You own and can modify your own systems. No vendor can withhold support or features.
- Cost trajectory: No per-user SaaS subscription compounding over a decade.
- Sovereignty: Code can be audited line-by-line by your security team. No undisclosed back doors. No "trust us, it's safe" from a foreign vendor.
- Interoperability: Open standards beat proprietary protocols. Your data flows where you choose.
- Local capability building: Your in-house IT cell can read, modify, and extend the code. Skills compound year-on-year.
- Vendor independence: Original vendor exits? Hire any other Indian dev shop to maintain it.
The honest pushback on open-source — and how to address it
"Who do we call when it breaks?"
Same answer as proprietary: a vendor on retainer. The difference is you can switch vendors without re-buying the software. We've seen state IT secretariats run open-source ERPs supported by 3 different vendors over 8 years — same software, three different support contracts, smooth transitions each time.
"Our auditors prefer proprietary because of accountability"
This is a misconception. Source-code escrow + maintenance SLA gives stronger accountability than proprietary, not weaker. CAG and internal audit teams have endorsed open-source-with-SLA across multiple Central PSUs since 2022. The model is mature.
"Big-vendor proprietary is a known quantity, open-source is risk"
Risk audit reverses this. Big-vendor lock-in is a known catastrophic failure mode (you've seen the news about ₹crore-stranded projects). Open-source-with-source-custody has no equivalent failure mode. The vendor can fail; the system continues to run because you have the code.
"Our existing systems run on Oracle / SAP / Microsoft. Migration is too costly."
Don't migrate them. New builds = open-source by default. Existing legacy systems = continue with current vendor until end-of-life, then re-platform on open-source successor. Phased, not big-bang.
The pragmatic open-source stack for Indian government IT
| Layer | Open-source pick | Replaces | Risk |
|---|---|---|---|
| OS | Linux (RHEL / Rocky / Ubuntu) | Windows Server | Low — already widely deployed |
| Database | PostgreSQL | Oracle DB / MS SQL | Low — production-proven at scale |
| App framework | Laravel · Django · Node.js | SAP / Oracle Apps / .NET | Medium — needs developer skill |
| Web server | Apache / Nginx | IIS | Low — universal |
| Mobile | React Native · Flutter | Native iOS/Android by separate teams | Low — single codebase |
| BI / dashboards | Apache Superset · Metabase | Tableau · Power BI | Low for govt use cases |
| HR / Payroll | Custom (or Frappe/ERPNext base) | SAP HCM / GreytHR | Custom build needed for PSU rules |
| Office suite | LibreOffice · ONLYOFFICE · Bharat-OS suite | Microsoft Office | Medium — user training needed |
The MeitY-aligned procurement template
The MeitY Open-Source Software Policy (2015, revised 2024) requires that government tenders for new IT systems mandatorily evaluate OSS. The implementation gap: most RFPs include OSS evaluation as a checkbox, not as an actual selection criterion.
To align procurement with policy, your RFP needs three structural changes:
- Open-source delivery as mandatory deliverable — not a "preferred" or "optional" item. State that all source code, libraries, and customisations shall be delivered under MIT/Apache/GPL, with full ownership transfer to the procuring agency.
- OSS-first technology stack mandate — bidders must propose OSS components for OS, DB, web server, app framework. Closed-source allowed only with documented justification (e.g. specialised statistical software with no OSS equivalent).
- Cost evaluation over 5-year TCO — not just upfront cost. Per-user SaaS pricing must be projected over 5 years and added to the bid value. This kills the SaaS subscription games.
Real example: state IT secretariat moving off Oracle EBS
A state IT secretariat we worked with had been on Oracle E-Business Suite for HR + Finance since 2009. By 2024 they were paying ~₹1.8 crore/year in licence + support + customisation CRs. The 2025-26 renewal quote: ₹2.3 crore/year. They paused.
The migration plan they ran:
- Year 1: New HR module built custom on PostgreSQL + Laravel. Open-source delivery. ₹42 lakh build + ₹6 lakh/year hosting.
- Year 2: Finance module built custom (with help from a finance-domain consultant familiar with state-treasury integration). ₹65 lakh build.
- Year 3: Decommission Oracle EBS. Net annual saving: ~₹1.6 crore.
- Year 4 onwards: Continue with custom on open-source. Maintenance via two-vendor competitive contracts (the second vendor took over from us in year 4 with a clean handover; we audit annually).
5-year cumulative saving vs renewal: ~₹6.8 crore. Plus full source-code custody, no future SaaS escalation risk.
📐 We build government IT this way
Custom government / PSU software with open-source delivery, on-premise hosting, MeitY OSS-policy aligned. You own the IP. You can replace us anytime.
How to start (next 90 days)
- Days 1-30: Identify the next IT system you'd renew or build from scratch. Run a parallel discovery: what would the open-source equivalent look like? (We'll do this for free for any qualifying PSU CIO who asks.)
- Days 31-60: Re-write the RFP with the three structural changes above. Circulate internally for vetting. Take vigilance approval for the changed RFP language.
- Days 61-90: Issue the RFP. You'll receive bids from open-source-friendly vendors AND from the usual big-vendor incumbents. Compare on 5-year TCO + IP-custody clauses.
This single procurement cycle, if done well, will save you anywhere from 40-90% of the lifetime cost vs the proprietary alternative. And once one tender is structured this way, the template is reusable.
The DPDP Act 2023 angle
The DPDP Act creates new obligations on Data Fiduciaries (which most government departments are). Auditing a closed-source SaaS for compliance is hard — you can't see what they do with the data. Auditing your own open-source system is straightforward — your security team can read every line. The DPDP Act effectively raises the cost of using closed-source by introducing audit risk that didn't exist before.
Final thought
Open-source government IT isn't a philosophical position. It's the cheaper, more sovereign, more flexible operating model for the next decade of Indian government computing. Your successors will be far happier with an open-source estate than with a proprietary one. Build for them.
The vendors who push closed-source are the ones whose business model depends on your dependence. Notice that the vendors who comfortably propose open-source delivery are the ones whose business model depends on doing the work well. That's the market signal.
Want our MeitY-aligned RFP template for OSS-first procurement? WhatsApp Kashvi at +91 99939 82666. — Kashvi
Get the MeitY-aligned OSS-first RFP template
Free for PSU / government CIOs · 5 structural clauses · Battle-tested
💬 Request the template See Govt/PSU programme →