Data security has been on a wild ride in 2018. The United States is staring down the reality of deregulated internet service providers (ISPs), or whatever comes after the rollback of net neutrality. You’re undoubtedly on top of it, but here’s a super fast crash course to review what’s been going on:
- The FCC repealed net neutrality on December 14, 2017. ISPs can now block, throttle, or require paid access prioritization for business customers, consumers, and content distributors.
- Politicians are fighting back. Montana Governor Steve Bullock signed the first executive order requiring ISPs with state contracts to abide by net neutrality. The US Senate is trying to restore ISP regulations by forcing a vote.
- A flurry of lawsuits have been filed in appeals courts, including pro-regulation suits from 21 states, tech companies, and advocacy groups, including the support of the Internet Association, a trade group representing Google, Netflix, Amazon, Facebook, Reddit, and many other giants.
- You can kiss the open internet goodbye, at least for now. The continued backlash from politicians, tech companies, and citizens is hopeful, but legal change is complex.
In the meantime, it’s safer to assume you’re living in a world where post-net neutrality is the new normal. Is your IT department doomed? How can you prepare for all the changes that may be just around the bend?
Learn how deregulation could change office IT
“Privacy [will become] more of a luxury than a right,” writes Ryan Long, an attorney with the Electronic Frontier Foundation and Stanford’s Center for Internet and Society. Sounds bleak. In other words, the impact on your operations and data security budget this year could be major. The cost you pay to your ISP for fast-lane, encrypted data transmission could skyrocket, especially if your requirements for encryption or velocity are steep.
You may also face the choice to either pay more or risk being less secure. Startups and small businesses without much budget could be up against some tough decisions—even if your business can pay the fee, the cost of net neutrality’s repeal will still hurt. Startups will suffer the most, while big companies may end up using budgets dedicated to innovation to cover the much higher cost of fast, secure data service.
To make matters worse, content access is not guaranteed: Over 100 million “lawful” SMS messages are blocked each year without notice or explanation, says Karyn Smith, general counsel at Twilio. She predicts blocked access to internet content could also become common, and you’ll likely experience dramatically slowed wait times for rich content. The repeal may even result in gated content accessible only via paid packages, a concept known as the “splinternet” that’s frequently compared to the pricing structure of cable TV. Data access governance is already a complex science, but it could become even more complex as you consider digital content access needs for each of your employees.
Finally, one last factor that may be influenced by this rollback is your competitive intelligence. Competitive intelligence on your customers is already hard, but now, you need to think about how this repeal plays a role in your future competitive intelligence strategies—if your customers aren’t springing for high-cap data packages, your mobile and web apps may need to be redesigned or re-hosted, which may mean scrapping the video streaming app project in your dev backlog.
7 steps to keep your IT team swimming after net neutrality
Now, you’re probably quivering in front of this picture of doom and gloom—after all, there’s nothing scarier than an IT environment that’s even harder to manage. But is there anything you can do about it? Fortunately, yes, and the sooner you start taking action, the better. Here are some crucial data security conversations you need to have as soon as possible:
- Pay close attention to your budget. Start working with your board and CEO to predict and understand the impact of net neutrality on capital and operational expenses.
- Update your network. Work to understand if your ISP reliance can be decreased by adopting new solutions, like software-defined WANs or private networks for critical apps.
- Consider your people. Start hosting conversations between HR and IT to minimize the hit on your remote workers, contractors, and business travelers.
- Refresh your acceptable use policies. You’ll want to loop up with your entire IT team and the HR department, too, to discuss how to best revise these policies for the future.
- Understand changing customer behaviors. This will be an ongoing competitive intelligence effort between IT, marketing, and leadership.
- Don’t forget to plan for other legislation. Remember the European Union’s General Data Protection Regulation (GDPR)? Keep an eye on the other data security and compliance pressures you’re up against, or you could risk facing steep fines.
- Reduce your workload. Target endpoints and processes that drain IT resources to ensure you can adequately get your arms around ISP deregulation. Now is the time to replace the unsecured or legacy endpoint devices that pose a threat to your network or break constantly. Replacing your riskiest endpoints with devices that come pre-built with security features, like self-healing printers, won’t bring back neutrality, but it’s still a win—and one less thing you’ll have to worry about in the future.
IT teams and data security pros face hard decisions in the face of ending net neutrality. Scaling back your security standards isn’t an option, thanks to the hackers who want in to your network, but don’t expect your customers to pay a premium to use your data-heavy apps and services. No one in the world will become more tolerant of face-meltingly slow page or app loading times. And while it remains to be seen exactly how deregulation will impact your office IT team and customers, there will almost definitely be impact. The time is now to discuss your response and plan your survival tactics.