The Schwartz Report

Blog archive

Hillary Clinton Isn't the Only One To Bypass IT

News that Hillary Clinton operated an e-mail server out of her house in Chappaqua, N.Y. for both personal and official communications while serving as Secretary of State underscores how far people will go for convenience and control -- even if it means bypassing IT to do so.

While maintaining that she didn't break any laws or send any classified messages using her personal e-mail account instead of the official e-mail system the rest of the government uses, Clinton has raised fierce debate over the propriety of her decision to take matters into her own hands. Aside from the legal issues and obvious questions, such as did her use of personal e-mail really go unnoticed for four years and was the system she used as secure as government's network (some argue hers might have been more secure), her actions are far from unique.

In my reporting on this month's Redmond magazine cover story about the forthcoming end of life of Windows Server 2003, IT pros lamented that they discovered many unsanctioned servers in use -- often under employees' desks. For better or worse, many companies have become more tolerant of employees bypassing IT than they were years ago in part due to the bring-your-own-device (BYOD) trend brought on by the advent of smartphones and tablets. I often receive business-related e-mail from high-level people at companies of all sizes from their personal e-mail addresses -- usually a Gmail, Yahoo or Outlook.com address -- and I'm sure you do too.

Many employees in organizations not wanting to wait for IT to provision systems have spun up VMs by setting up an Amazon Web Services or Azure account with a credit card. And it's certainly become common for business users to set up accounts using Salesforce.com and Workday, among other SaaS applications. Many are also setting up Office 365 accounts on their own.  Services such as OneDrive, Google Drive, Dropbox and Box have replaced flash drives for copying and storing files. A survey by data protection vendor Vision Solutions found that 52 percent of organizations don't have processes to manage the use of such services, putting at risk the loss of confidential data.

Apparently the U.S. government -- or at least the State Department, which she headed from 2009 to 2013 -- was one of them. Indeed setting up your own Exchange Server (I'm assuming that's what she used since that's what runs the Clinton Foundation's e-mail) is a more brazen move than most take and one that most are unlikely to do, given the cost.

From news accounts we know she's not the only government official to use personal e-mail for routine business communications, though she's the highest level and, for now, the most infamous one to do so. If we're to take Clinton at her word -- and I realize many don't -- she said yesterday she used her own e-mail for convenience. If that's to be translated that she was trying to balance her work and personal life by using one account, I think we can all agree that was a bad idea -- she said as much, though she could have separated them and still used one device, as many of us do.

Given that she was the nation's top diplomat and a potential presidential candidate, the fallout from this is far from certain as this issue continues to create discourse.

In the end, businesses and government agencies of all sizes have to establish policies that address what employees at all levels can and can't do when it comes to using IT. Absent of any clear rules and enforcement of them, you likely have at least one, if not many, people like Hillary Clinton in your organization.

Posted by Jeffrey Schwartz on 03/11/2015 at 1:19 PM


Featured

  • Microsoft Adding Google G Suite Migration in Exchange Admin Center

    Microsoft's Exchange Admin Center will be getting the ability to move Google G Suite calendar, contacts and e-mail data over to the Office 365 service "in the coming weeks."

  • Qualcomm Back in Datacenter Fray with AI Chip

    The chip maker joins a crowded field of vendors that are designing silicon for processing AI inference workloads in the datacenter.

  • Microsoft To Ship Surface Hub 2S Conference Device in June

    Microsoft on Wednesday announced a June U.S. ship date for one of its Surface Hub 2S conferencing room products, plus a couple of other product milestones.

  • Kaspersky Lab Nabs Another Windows Zero-Day

    Kaspersky Lab this week described more about a zero-day Windows vulnerability (CVE-2019-0859) that its researchers recently discovered, and how PowerShell was used by the exploit.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.