Clintonemail.com: A Cautionary Call To Action - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
IT Leadership
Commentary
3/23/2015
11:50 AM
Joe Stanganelli
Joe Stanganelli
Commentary
Connect Directly
Twitter
LinkedIn
Google+
RSS

Clintonemail.com: A Cautionary Call To Action

As former Secretary of State Hillary Clinton becomes ever more embattled in the press and in politics because of her personal email usage, we can draw lessons for enterprises and employees alike on contending with Shadow IT.

(Image: Blueboss via Pixabay)

(Image: Blueboss via Pixabay)

Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
kstaron
50%
50%
kstaron,
User Rank: Ninja
3/30/2015 | 3:22:25 PM
do you want control or ease of use?
If you want strict regulatory control over email, then you simply can't have a BYOD policy other than no BYOD. If employees are forced to use their work email over their work phone then there is very little room for confusion. Then if something like this happens it's much more likely it was intentional and not 'just an accident'.
Todder
50%
50%
Todder,
User Rank: Moderator
3/26/2015 | 2:17:15 PM
Re: Device or Service?
If you want better security then any usage must be fully governed and BYOD doesn't allow for that, and even after that, what is stopping a person using another device, say a hotel "share" system & commit the same acts.


This becomes the cost of doing business.
zerox203
100%
0%
zerox203,
User Rank: Ninja
3/24/2015 | 3:02:36 PM
Re: Clintonemail.com: A Catuonary Call To Action
I very much agree with your overall takeaway here, Joe; communications-based security concerns (be they e-mail or otherwise) are a persistent, legitimate issue, and they aren't going away any time soon. If nothing else, the fact that the Secretary of State was, at some level, infracting on this is evidence that this goes up to the highest level possible - and that there's no doubt it affects everyone in-between. I do think the ramifications of this specific story are being inflated a bit by other, click-hungry publications (Gawker called it a 'secret' e-mail adress, haha) - it's worth noting that Mrs. Clinton already turned over all the e-mails from this account to public officials for review, and (according to herself) wants the public to see them. There's a lesson in there about tact and incident response (an important component) for CXOs, too. Nevertheless, we are talking about one of the highest offices in the world.

There's no shortage of issues here on the technical side (the need for a good MDM solution comes to mind), but I agree with your position that the non-technical is often just as or more relevant. Many security pros advocate mitigation and DR over prevention, and that seems relevant here. Whether willfully or accidentally, users are inevitably going to violate your policies. When you mentioned monitoring private e-mail, I couldn't help but think 'even if you did that, they would just give you a phony e-mail to monitor, and then use another one'. Expecting outside partners to adhere strictly to your policies also seems like a bridge too far outside of extremely sensitive industries (IE financial, gov't contractors) - after all, it's not like you'd want to adhere to theirs. I think it's more about finding a good fit and figuring out what's absolutely essential to you and what's an acceptable risk.
jastroff
100%
0%
jastroff,
User Rank: Ninja
3/24/2015 | 10:58:53 AM
Device or Service?
Yes, BYOD does contribute to the issues you outline

But what also makes it possible is all the free email services, free  or low cost texting, free chat services.

One can have half a dozen free email accounts from different places. As long as these free services are around, the problem may never be solved
Commentary
Learning: It's a Give and Take Thing
James M. Connolly, Editorial Director, InformationWeek and Network Computing,  1/24/2020
Slideshows
IT Careers: Top 10 US Cities for Tech Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  1/14/2020
Commentary
Predictions for Cloud Computing in 2020
James Kobielus, Research Director, Futurum,  1/9/2020
White Papers
Register for InformationWeek Newsletters
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Slideshows
Flash Poll