Bush security plan calls for background checks
Computerworld -
WASHINGTON -- Once a cabinet-level Department of Homeland Security is established, the Bush administration plans to convene a panel of government and private-sector experts to determine the legal guidelines for subjecting tens of thousands of private-sector employees to background investigations.
The panel -- outlined in the president's National Strategy for Homeland Security released last week (see story) -- would be convened jointly by the secretary of Homeland Security and the U.S. attorney general. It would examine whether current employer liability statutes and privacy concerns would hinder "necessary background checks for personnel with access to critical infrastructure facilities or systems."
That means tens of thousands of private-sector employees working in industries such as banking, chemicals, energy, transportation, telecommunications, shipping and public health would be subject to background checks as a condition of employment.
Tom Ridge, the current director of the Office of Homeland Security and the leading contender to become Bush's nominee for the cabinet post, said on July 21 that the nation remains at risk from an unknown number of terrorist cells operating within the U.S. And according to the national strategy, that situation could be further complicated by malicious insiders with authorized access to critical facilities.
"Personnel with privileged access to critical infrastructure, particularly [IT-based] control systems, may serve as terrorist surrogates by providing information on vulnerabilities, operating characteristics and protective measures," the Bush strategy states.
The administration's desire to ensure that employees working at critical infrastructure facilities -- 90% of which are owned and operated by private companies -- could also provide additional incentive for the Bush administration to establish the post of chief privacy officer within the proposed Homeland Security cabinet-level office.
"I certainly think that we are very open to having that discussion," Steve Cooper, president Bush's CIO for homeland security, said today. "I suspect that the American public is also interested. I think the dialogue is welcome."
But the challenge of conducting background investigations on such a massive scale may be far greater than anybody has acknowledged so far, said Bill Malik, a security analyst at KPMG LLC.
"The biggest problem with background checks for folks working on critical infrastructure is the broad use of third parties and contractors involved in the work," said Malik. "The worry at a nuclear power plant is not so much the regular staff but the cleaning crew, the groundskeepers, the caterers and the painters.
"And from a law enforcement perspective, it is actually easier to covertly identify a suspicious person and place them under surveillance than it would be
Security
Additional Resources



White Papers & Webcasts
Death to PST Files
Download Now
The Tangled Web: Silent Threats & Invisible Enemies
Download Now
Tape Killed the IT Guy
Watch Now
Forrester Consulting Mobility Study: Taking Control of Enterprise Mobile Device Diversity
Download Now
BRM: What You Can Do To Reduce Risk In Challenging Times
Watch this webcast now!
What IT Must Do to Support Employee-Owned BlackBerry, iPhone and Android Mobile Devices
Download Now
Web 2.0, Social Media and the Dark Web - A Web Criminals Paradise?
In this discussion, learn about the challenges of protecting your users from the potentially unsafe content hidden in the "Dark Web".
eGuide: Enterprise Security
Smart Security Strategies for 2010. Read now!
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...

