Time for tech support to be classified essential services

Time for tech support to be classified essential services

Summary: With more IT systems mission-critical and increasingly integrated with almost every aspect of a business, it's high time they're considered a country's essential services.

SHARE:

That a country can shut down its services is bizarre enough, but that part of its IT services are also put on hiatus is truly outlandish. 

IT support
When attacked, even non-essential IT services could bring down an entire ecosystem of mission-critical functions.

The U.S. government began shutting its non-essential services on Tuesday after the U.S. Congress failed to reach an agreement over the country's new budget, stalling over President Barack Obama's Affordable Care Act, also called Obamacare. Without an approve budget deal, government staff performing non-essential services were forced to go on unpaid leave. 

Until the 535 members in the U.S. Congress reach an agreement, many government services and agencies will remain closed or suspended, including Federal Trade Commission, Justice Department, Internal Revenue Service, NASA, and Department of Homeland Security. 

Over 800,000 government employees have been put on unpaid leave and federal workers, as part of U.S. policy, are not allowed to access their work e-mail, and websites as well as Twitter feeds are not updated. While these may seem to have a minor impact in terms of technology, there are worries the shutdown would leave IT systems at risk.

In defining what falls under essential services, the U.S. government's general rule of thumb is that any function involving "the safety of human life and the protection of property" should be kept running. Obviously, IT services don't pose any direct danger to human life, but that doesn't mean the absence of technology carries no risk to human life.

The number of cybersecurity employees, for instance, had been slashed across U.S. federal agencies, leaving systems potentially vulnerable to attacks, noted Steven VanRoekel, CIO for the U.S. federal government. Expressing concerns hackers would exploit the situation to penetrate IT systems, he told Wall Street Journal's CIO Journal: "If I was a wrongdoer looking for an opportunity, I'd contemplate poking at infrastructure when there are fewer people looking at it."

VanRoekel explained that workers essential to national security were exempted from the shutdown, but in practice, most government sites were running on a "skeleton crew". In anticipation of the furlough, he had urged cybersecurity staff who monitored IT networks against attacks to be exempted, but most of those specializing in attack response were eventually told to stay home. While these folks could still be called back in the event of a cyberattack, he said the lack of real-time response was "worrisome". "I have fewer eyes out there," he noted.

Decisions on which security staff to furloughed were made independently by the different U.S. agencies, and VanRoekel was unable to even evaluate the extent of the impact on the U.S. government's cybersecurity team because the people who could give that assessment weren't working. 

At the GovWare conference in Singapore this week, Anthony Bargar, former security advisor at the U.S. Office of Secretary of Defense, underscored the importance of developing cyberoffensive capabilities to deter attacks and protect a country's infrastructure.

A world of increasingly pervasive interconnectivity also increases the risk critical infrastructure will be paralyzed by cyberattacks, especially as the Internet of Things and machine-to-machine communications emerge in the next wave of adoption. Power grids, for example, will soon be connected to the Internet to form smartgrids and everything, including even toasters, would soon have IP addresses. Bargar said: "Cyberdeterrence is the new cold-war reality."

Tony Chew, director specialist advisor at the Monetary Authority of Singapore, noted that adversaries now favored cyberattacks as they were covert and helped minimize collateral damage. "If you are going to fight you cannot just be defending, you must have capability of launching the first strike," said Chew.

In this "new cold-war reality", leaving IT systems unmanned could prove fatal, even if they may seem to support the most non-essential of services because the weakest link in any ecosystem, when attacked, would bring down the entire value chain.

The Singapore government has its own classification of essential services and the operators of such services are not permitted by law to stop functioning, including going on strike. These include banking, civil defense, newspaper, public transport, and weather information services, as well as "information technology services to support the processing of applications for permits for the import, export, and transshipment of goods".

I think this should include all forms of IT functions that support organizations operating services that, if brought to a halt, could pose security risks to a nation and endanger the safety human and property. 

And here's what I really don't get, why is the U.S. Congress still getting paid while other government employees aren't? 

Topics: IT Priorities, Security, IT Employment

About

Eileen Yu began covering the IT industry when Asynchronous Transfer Mode was still hip and e-commerce was the new buzzword. Currently a freelance blogger and content specialist based in Singapore, she has over 16 years of industry experience with various publications including ZDNet, IDG, and Singapore Press Holdings.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

6 comments
Log in or register to join the discussion
  • Case in point

    My wife is a psychologist with the VA system. She is considered essential as are most of the 1,000 Federal employees at her hospital. The IT team, however, have been furloughed as non-essential! For the last couple of days all is running smoothly. Any servers/workstations/networks going down, however, will not be supported until after this ridiculous drama is resolved.
    Deerhaven111
  • Your last question is one I'd like an answer to...

    You ask why the United States Congress is being paid while all the furloughed Federal workers aren't. I don't believe I'm the only citizen of the U. S. who wonders that also. From what I've seen of their recent work performance, they shouldn't have been paid before the government shutdown, but that's a whole other subject.
    Den2010
    • The Founders Did Not Anticipate ...

      how critical the federal government would become in a more highly technological age, and thus how time-critical the budgeting process would become. They also did not anticipate that a small faction, elected from highly gerrymandered districts (their number included Eldridge Gerry, before his eponymous example of political malfeasance), by a highly fanatical voter base, who did not CARE who was harmed, as long as their personal tenure is assured.

      Therefore, they never expected that members of Congress would need the coercion of withheld pay for themselves to be motivated to take care of the country. They assumed that restoring (or never interrupting in the first place) the flow of money for necessary services would be considered their supreme duty, and that they would always be honorable enough to put their duty above their personal interests.

      Today we are dealing with a small group of Representatives (put into office by the money of a small group of billionaires) who decided to take the government hostage for two reasons: to stop the full implementation of a law that will help millions of Americans, and to put the nation on a "cold turkey" withdrawal from necessary services that THEY believe are NOT necessary, to break our "addiction" to those services (such as keeping food safe to eat, preventing starvation, protecting our security, and the like). They are setting a very dangerous precedent, and giving in to their ransom demands this time would enable the repetition of it in the future.
      jallan32
  • There is a problem with classing tech support as essential.

    Something like 20% of the calls will require advanced support- requiring an administrator to do something or fix something.

    And that calls for more personnel...

    Especially as even the tech support call infrastructure must also be classed as essential - requiring admin support for that.
    You end up declaring all system support (hardware/software/admin) as essential.

    It is much easier to label them as non-essential, as you also get to label their support (the admins, and servers used) as non-essential.
    jessepollard
  • Whoever is running that email server for congress needs to shut it down...

    And shut down the phone system as well... See how they like only having cell phones for a bit. And shut down their office internet access as well.... And keep it down until those clowns decide to get this entire country back to work and perhaps do a tiny bit of work themselves.

    I recently saw this Rachael Maddow clip and it seriously pisses me off... Those republicants in congress need a good b1tch slapping... They have been planning and promising to do this for more than 2 years!!!

    http://www.dailykos.com/story/2013/10/01/1242940/-Rachel-Maddow-Republican-Shutdown-Evil-And-Planned-VIDEO
    i8thecat4
  • Country Shutting Down Services?

    No, it is the GOVERNMENT that is shutting down services. The country is still running fine. There is a big difference. My bank is still open. The shipping ports are still open and I'm (sigh) still at work. Airports are open. Etc.
    hforman@...