Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Hillary Clinton’s email security practices criticized by inspector general - expert comment

May 2016 by

Reports are appearing online about the State Department’s inspector general has sharply criticized Hillary Clinton’s email security practices, and her exclusive use of a private email server while she was secretary of state, saying she had not sought permission to use it and would not have received it if she had.

"This is a challenge as, in my experience, many organisations, rather worryingly, say “oh yeah we know they send mails home to work with, or we allow them to use their own PC’s at home for work or "I couldn’t tell if they used our tools outside of the organisation". They are often just relying on procedure to protect their data and employees. In most cases there are no controls to stop people leaking some very sensitive data online via email, or even by other means like social media. I have had experience of employees within organisations uploading content to untrusted websites with no thought for security and how it could potentially impact the company - they just have a job to-do so it’s just easy to Google a solution and use that, typically online solutions that collect data. Often this is not meant to be malicious; it’s just that they have not considered security and the potential exposure. The question is how many people would admit to doing it internally, and is the culture more aligned to brushing it under the rug so as to not be the next big scandal. It is also becoming more challenging with the way we work and our agile approach to working.

Without controls in place, or a way to validate that the user is not doing what they are not supposed to be doing, how can you really enforce procedures? Many organisations just don’t have the time or resource on their own to police it. Organisations need to think about monitoring sensitive data leakage and considering where data could be leaked and start hunting for it."


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts