
BootinUp

(47,145 posts)
Wed May 25, 2016, 02:46 PM

From the Office of Inspector General: Evaluation of Email Records Management

and Cybersecurity Requirements

CONCLUSION
Longstanding, systemic weaknesses related to electronic records and communications have existed within the Office of the Secretary that go well beyond the tenure of any one Secretary of State. OIG recognizes that technology and Department policy have evolved considerably since Secretary Albright’s tenure began in 1997. Nevertheless, the Department generally and the Office of the Secretary in particular have been slow to recognize and to manage effectively the legal requirements and cybersecurity risks associated with electronic data communications, particularly as those risks pertain to its most senior leadership. OIG expects that its recommendations will move the Department steps closer to meaningfully addressing these risks.

https://assets.documentcloud.org/documents/2842429/ESP-16-03-Final.pdf
---------------------------------------

Mother Jones
IG Report on Clinton Email Concludes With...Nothing New

Kevin Drum, May 25, 2016 11:58 AM

snip....

In other words, this is pretty much all the stuff we already knew. The Department of State apparently has epically bad email systems. Nonetheless, Hillary Clinton should have consulted with State's IT staff about her personal email account. She didn't. She should have turned over her work emails sooner. She didn't. Ditto for her staff.

And that's about it. Hillary screwed up. The IG report doesn't present any evidence that her system was ever hacked. Nor does it suggest that Hillary was deliberately trying to prevent work-related emails from being retained. Nor was she the only one conducting official business on a personal account. Colin Powell did it too, as well as dozens of other State employees.

Nonetheless, Hillary exercised poor judgment here. That's been clear for a long time. Beyond that, though, there's not much more to say.

http://www.motherjones.com/kevin-drum/2016/05/ig-report-clinton-email-concludes-withnothing-new


RobertEarl

(13,685 posts)
2. Hillary screwed up
Wed May 25, 2016, 02:49 PM

Hillary exercised poor judgement

----------------------

What great reasons to vote for her. Except the FBI report is next. That may just destroy her whole campaign!!

jmg257

(11,996 posts)
3. She screwed up - purposely. Lots of evidence for the plaintiffs in case of an indictment.
Wed May 25, 2016, 02:51 PM

"Secretary Clinton: By Secretary Clinton’s tenure, the Department’s guidance was considerably
more detailed and more sophisticated. Beginning in late 2005 and continuing through 2011, the
Department revised the FAM and issued various memoranda specifically discussing the
obligation to use Department systems in most circumstances and identifying the risks of not
doing so. Secretary Clinton’s cybersecurity practices accordingly must be evaluated in light of
these more comprehensive directives."
...

Secretary Clinton used mobile devices to conduct official business using the personal email
account on her private server extensively, as illustrated by the 55,000 pages of material making
up the approximately 30,000 emails she provided to the Department in December 2014.
Throughout Secretary Clinton’s tenure, the FAM stated that normal day-to-day operations
should be conducted on an authorized AIS,147 yet OIG found no evidence that the Secretary
requested or obtained guidance or approval to conduct official business via a personal email
account on her private server. According to the current CIO and Assistant Secretary for
Diplomatic Security, Secretary Clinton had an obligation to discuss using her personal email
account to conduct official business with their offices, who in turn would have attempted to
provide her with approved and secured means that met her business needs. However, according
to these officials, DS and IRM did not—and would not—approve her exclusive reliance on a
personal email account to conduct Department business, because of the restrictions in the FAM
and the security risks in doing so.

During Secretary Clinton’s tenure, the FAM also instructed employees that they were expected
to use approved, secure methods to transmit SBU information and that, if they needed to
transmit SBU information outside the Department’s OpenNet network on a regular basis to non-Departmental
addresses, they should request a solution from IRM.148 However, OIG found no
evidence that Secretary Clinton ever contacted IRM to request such a solution, despite the fact
that emails exchanged on her personal account regularly contained information marked as SBU.

Similarly, the FAM contained provisions requiring employees who process SBU information on
their own devices to ensure that appropriate administrative, technical, and physical safeguards
are maintained to protect the confidentiality and integrity of records and to ensure encryption
of SBU information with products certified by NIST.149 With regard to encryption, Secretary
Clinton’s website states that “robust protections were put in place and additional upgrades and
techniques employed over time as they became available, including consulting and employing
third party experts.”150 Although this report does not address the safety or security of her
system, DS and IRM reported to OIG that Secretary Clinton never demonstrated to them that her
private server or mobile device met minimum information security requirements specified by
FISMA and the FAM."

etc. etc.
