The decision to deploy open source software is certainly complex, but then, so is any software purchasing decision. What's more, no business strategy is ever completely devoid of risk. The important point is that deploying an open source solution is not inherently any riskier than deploying a proprietary one.
Larger organizations tend to be more risk-averse, but any company will want additional assurances around key business processes. For this reason, it's advisable to engage a reputable open source vendor before deploying open source for mission-critical systems. The criteria for choosing the right vendor are essentially the same as those used to evaluate proprietary software vendors.
Commercial support contracts for open source software usually incorporate some form of indemnification clause, which can provide additional protection for customers against potential IP infringement claims. Again, however, such clauses are standard practice for proprietary software licenses as well. The fact that open source vendors offer indemnification should not be construed as evidence that open source is more vulnerable to IP disputes than proprietary software.
Business alliances, such as the one between Microsoft and Novell, may claim to offer customers even greater protection, but the broader industry remains deeply divided as to the wisdom of such deals. In the absence of actual litigation, their value to customers is difficult to ascertain.
Companies that plan to modify open source software or embed it into their own products are usually unique cases. They should consult both their vendors and their own counsel to ensure that their use of the code does not violate the terms of its license or any trademarks.
More typical customers, however -- those that fall into the "end-user" category -- have little to fear. Now that the business models around commercial open source have matured, leading open source vendors are able to offer customers many of the same assurances as established proprietary software companies. As a result, given proper understanding of the concerns and potential risks of their decisions, enterprise IT professionals should be able to purchase and deploy open source software with confidence.