Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 5 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

How many in the US Government were using their own email for work?

by The Gurus
March 11, 2015
in Opinions & Analysis
Share on FacebookShare on Twitter

A tweet from a good friend of mine really summed up the situation in the US Goverment relating to the email of former First Lady and Secretary of State Hillary Clinton.
Conference speaker and all round good security guy Jerry Gamblin said: “Hillary Clinton was just working around what she saw as inefficient IT policies. Shadow IT is a huge security risk for every company.”
The world has apparently been shocked by the news that Hillary used her personal email out of “convenience”, and admitted it “would have been better” to have two accounts to separate work and personal emails. According to BBC News, the emails deemed personal were about half of the 60,000 emails in total she sent during her time in office, while the state department said it would release the emails they received, about 55,000 printed pages in total, after a review.
The New York Times reported that she said she had “fully complied with every rule” and was going “above and beyond” what was required of her in asking the State Department to make public much of her email correspondence.
The issue is one of “convenience”, as she said she had only convenience in mind in choosing to use just a personal email account. So is this at the centre of not only this story, but all of the BYOD and consumerisation that I and other journalists and analysts have been writing about for the past five years – a matter of convenience?
Why do employees bring their phones and tablets into the workplace and connect to corporate networks? It is to do work more efficiently and be more productive, and it is more convenient to work on your own device and bring your own device than to work within office hours and be restricted to office IT equipment.
I realise that statement sends shivers up the spine of IT professionals, but it is the reality of the current world that this is the case. Obviously there is a significant difference with this being the US Secretary of State and potential Democrat candidate, but the New York Times reported that Mrs Clinton said that the server which housed her email address had been set up on property guarded by the Secret Service, and that there had been no security breaches. Also she said she had never emailed classified material to anyone.
So has she done anything really wrong here? She has informed her internal IT department of what she planned to do and it was “known”, so perhaps this is a case of Shadow IT affecting the highest and most guarded houses in the United States.
Take what was reported by ABC News: “Clinton also talked about the private server that was used to host her email domain, saying that the system was set up for her husband and his post-presidential office that ‘proved to be effective and secure’ She also confirmed earlier reports that the server was based out of the former first couple’s home in Chappaqua, New York.”
This was set up for a former two-term President, although one of whom was commander in chief before the major public take-up of the internet.
Now though the storm has been kicked up, and who Hillary emailed is under review. Was it other political leaders around the world? The current President and Secretary of State? Or was it just members of her staff? This will be reviewed and scoured in the review and investigation, but what I suspect this will reveal is more Shadow IT cases than they wish to know about.
According to ISACA’s Rob Stroud, Shadow IT is IT run and operated beyond the view of IT, and this is something that has happened with organisations since the introduction of the PC. He told IT Security Guru that the concept is why use technology at work that is worse than what you have at home?
Phil Barnett, VP and GM, EMEA at Good Technology, said: “Personal and highly sensitive corporate data are very different and should be treated as such. But that’s not to say you can’t have them on the same device. The user experience must be high quality to keep data secure – if your corporate security model is too heavy, people will find a way around it. Separating and containerising sensitive data allows one device to do both jobs while balancing usability and security. The more sensitive the data, the more critical this approach becomes.”
In a recent conversation with security vendor Darktrace, director of technology Dave Palmer said that in one case, a company thought that they had 5,000 connected devices, but an audit revealed it to be 25,000.
I predict that the investigation into the White House Shadow IT will reveal more uncomfortable results than they wish to know about, but in reality we have the strongest example of how disruptive Shadow IT is, and if it is happening in the highest political cases you can bet it is happening in your organisation also.

FacebookTweetLinkedIn
Tags: BYODConsumerisationmobileShadow IT
ShareTweetShare
Previous Post

FREAK, IE and Stuxnet patches delivered by Microsoft

Next Post

Keep your sight on the adversary

Recent News

london-skyline-canary-wharf

Ransomware attack halts London trading

February 3, 2023
Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

February 2, 2023
JD Sports admits data breach

JD Sports admits data breach

January 31, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information