Executive Order Engenders IT Security Concerns
According to some civil liberties groups, one of President Obama's most recent executive orders has potential to disrupt IT security for some businesses. The executive order, termed the "Assignment of National Security and Emergency Preparedness Communications Functions," grants new powers to the Department of Homeland Security. According to civil libertarians, these powers include the ability to take over both information networks and communications networks, even those that are run by private companies, in the event that a national emergency requires such a takeover.
The White House has explained the executive order simply as an update to existing policies first began in 1984 under President Ronald Reagan. Since those policies were developed before the terrorist attacks of September 11, they are now regarded as not adequate to address current concerns. To take just two issues: in 1984, the internet did not exist in the sense it does today, and neither was there a Department of Homeland Security.
The Electronic Privacy Information Center, or EPIC, has noted that the executive order in question would empower the DHS to "seize private facilities when necessary, effectively shutting down or limiting civilian communications." A similar provision was contemplated in Congressional legislation last year. In that case, the legislation failed. According to EPIC, the cause of such failure was protests by the public, after which "Congress abandoned the proposal."
According to other IT risk management experts, however, the executive order is nothing for businesses to worry about. James Lewis, who directs technology and public policy for CISS, the Center for International and Strategic Studies, sees the new policy as "the outcome of negotiations between everyone who thought they should have a role rather than implementing some strategic vision for communications."
Large corporations and multi-nationals often have high-level access to information regarding how such changes may influence their IT operations, but smaller businesses are not as well positioned to stay current. One way for SMBs to level the playing field is to work closely with an IT consulting firm able to keep track of a myriad of issues that emanate from the government and may ultimately affect private businesses. By working with an IT consultant who specializes in such issues, a small or medium-sized business can keep abreast of new legislation regarding mandates and regulatory enforcement.
Even among SMBs doing their best to track such matters on their own, few staffers think to include executive orders as salient issues. An IT consultant, however, is better positioned to keep up with all such matters as they strive to provide guidance to SMB clients.