Posted by fd343ny on 9/1/2015 8:41:00 PM (view original):
Posted by shawnfucious on 9/1/2015 6:26:00 PM (view original):
Posted by fd343ny on 9/1/2015 4:36:00 PM (view original):
so, what would people think if an employee declined to use the company email system and instead handled work emails on a separate server outside the control of the company?
In my company it can't be done. You could pretend maybe but you couldn't get your work email while you were at work and that could be a problem.
if it could be done despite policy to the contrary, is it wrong?
yes. its wrong, but how wrong is it? it depends. to a security expert, its pretty bad. but if you are a reasonably normal person who is generally oblivious to the security issues surrounding the internet, its probably not something you even really think about.
also, its often the case that policies are unclear - as is the case in the situation you are referencing, IMO. i think the overall govt internet security posture borders on criminally negligent, and i am not a hillary supporter, but i also think context is extremely relevant in just about every situation. the context is one where people and the govt are extremely lax on internet security, where previous people in the same position did the same thing (i sure do respect colin powell - poor guy really got the **** end of the stick - that is politics... but i digress). was it wrong? absolutely. i don't think its a gray area. everyone does things that are wrong though. how wrong was it? i mean, as a guy who does engage pretty heavily in internet security... its pretty abhorrent. but the stuff that happens every day all over america, from the household, to the fortune 500 corporations, to the federal government - is pretty abhorrent (especially the federal government). but when you compare something like a fairly un-technical person, using a private email account, to something like a major corporation internet connecting freaking millions of engines in their cars... which is one of the stupidest things an executive team could ever do... its like the difference between hunting when you are technically a felon and going ape **** and opening fire killing 20 people. or smoking a joint versus trafficking heroin.
the bottom line is, people are woefully uneducated about the critical nature of internet security. when you are in a position like secretary of state, you should be paying people to tell you how important it is, she should have know, but our politicians are generally so incompetent, its hard for me to fault someone for incompetence more than i fault them all for incompetence. and the government across the board pretty much ignores internet security (its starting to change, but thats pretty recent). was she wrong? no doubt. so are the rest of them. i really think the issue is overblown - in terms of the focus on hillary. the focus should be about how the government as a whole is dangerously negligent in their response to internet security. lives are at stake, its really completely ridiculous. people will have to die before they wake up - and still, that may not do it. but if a thousand jeep owners die tomorrow, it will - and i hate to say it - it would almost be in the public interest for something like that to happen, to raise awareness, before its a nuclear plant going... nuclear, or weapon systems being compromised by hackers, or the internet as a whole being brought to its knees, which in our day and age - with the reliance on the internet for so much of the back end logistics that make this country and this economy work - could be catastrophic.