Welcome back to Head in the Clouds, my ongoing blog of interesting and potentially odd web articles, with a focus on cloud computing and security. With all the information thrown at you on a constant basis, let CloudLock curate some of the stories we’ve been reading to keep you informed.
This week I’m changing things up a bit, to focus on one particular story that’s been making the rounds both in the media and around the office: Hillary Clinton and the Emails of Doom.
A Matter of Convenience
I think that this article from The Verge sums up the entire issue/scandal in the most digestible way possible: She used her private email, claims it was secure, and says she did this because it was more convenient.
Let’s take the conspiracy theories out of the mix, and remove the political implications for a moment. Whether or not this was done to have full control over her communications as some camps claim, or to be able to avoid Freedom of Information Act requests is actually a bit of a side issue to me. Agree or disagree with the political side, the real simple shining moment of this story is a quote from Hillary Clinton herself.
Hilary stated, “I thought it would be easier to carry one device for my work and personal emails instead of two.”
If “convenience” isn’t a microcosm for the state of information security, BYOD, and how users impact our security measures, then I don’t know what is.
Private Email – Security Risk or Benefit?
The craziest part of this entire story? What if, contrary to the popular belief that Hillary’s private email server, unencrypted for 3 months, was a huge security flaw – what if using her personal domain and server actually protected her from the hacks that brought down the State Department?
This article from Slate lays out evidence for both views – using a private email in a country that’s actively trying to hack into our Government accounts could have given an attacker a much easier job of gaining access, and allow the attacker to stay undetected in her private server.
On the other hand, would the privacy of her email have made it harder for the hackers to even find her email assets – as she wasn’t using the State Department email they’d look at first?
I tend to side with the former, in that I’d assume her email wasn’t that hard to find after her first few months of communication with others in the State Department, especially after they were hacked themselves. Her private account might have been protected from these attempts, but with only her side of the story – we may not ever be sure there wasn’t someone snooping the traffic.
Security and Convenience – Can’t We Have Both?
This story has brought a great deal of interest into a subject we here at CloudLock feel is one of the ongoing great security debates of our time – frankly how do you allow your users to have the flexibility they need to be productive, while ensuring they’re not leaking highly secure information?
We have our own opinions on the best way to approach this, but the subject is one we’re only going to see become more and more complex as smartphones, app marketplaces, and productivity boosters all start to fight with IT and Security departments for prominence.
Hillary might have just become the poster child for the topic, and no matter how this story turns out – we assume the media will be talking about this well past 2016.
That’s it for HitC this week. We’ll be back soon with more odds and ends from the interwebs, and our own unique take on them.