During the U.S. Presidential election, Hillary Clinton took a lot of heat for her use of a private email server for sending and receiving government related email. Politics and motive aside, Clinton’s use of a private email server was controversial because it put potentially confidential government emails outside the control and oversight of official government channels. While FBI investigators found no criminal wrong doing in this case, they did share that handling sensitive information in this way was careless and reckless.
As it turns out, Clinton is not the only one reckless in her data security. One of her greatest opponents and critics, Mike Pence, also used personal email services to send sensitive government correspondence. According to Indy Star, Pence used an AOL email account to send government related emails. Worse yet, his AOL account was hacked by a common cyber criminal. In this video, I share my thoughts about this case, and why I believe using a personal cloud email service is as bad as using a private email server.
Episode Runtime: 9:52
Direct YouTube Link: https://www.youtube.com/watch?v=krnJMen4fdY
EPISODE REFERENCES:
- Pence used personal email account for state business – Indy Star
- Email hacking is only getting started – Wired
Corey Nachreiner, CISSP (@SecAdept)
Alan says
“Mike Pence, also used personal email services to send sensitive government correspondence. According to Indy Star, Pence used an AOL email account to send government related emails. ”
First of all, your source is a liberal leaning media outlet. Secondly, the statement was not that he sent SENSITIVE government-related emails., but simply government related emails. Thirdly, his state does not forbid him from using a private email account or require him to use a secure governmental mail system. He met all requirements of their law by allowing those who needed access to verify his use, unrestricted access to his account.
Now, if you want to discuss the merits of using cloud or unsecured email systems, then I am all ears; however, if you want to preface your article with politicized, inaccurate and misleading crap, then count me out. Stick to what you know, not what you fantasize about in that convoluted meatball you call a brain.
Brent Bates says
Hi Corey,
I agree that Pence probably messed up, but wasn’t that email sent and received while he was governor and not as Vice President. I am not sure his state had the same requirements for email as the federal government. They should have.
Pence’s state miss-use did not rise anywhere to the level of Clinton’s federal miss-use.
Still not wise.
Nobody says
It wasn’t illegal or against the rules for the governor of Indiana to use a Gmail account, but it was illegal and against the rules for the Secretary of State to use a private e-mail server.
KDE says
The hack occurred when Pence was governor of Indiana. In the state of Indiana, it is perfectly legal to use email for work, and in fact you could argue that he needed a private account because it is ILLEGAL in the state for a government official to use a work account for political business. He had access to much less-sensitive information than Hillary Clinton, Secretary of State.
Compare to Hillary again. Hillary, Secretary of State, knew what she was doing when she had her aides destroy her phones with a HAMMER and wipe her systems with “like a cloth or something” AKA BleachBit. This takes things to a whole other level. The investigation into Hillary’s email scandal isn’t over and is still being litigated. Clinton exclusively used her private account for work, something no Secretary of State has ever done before, yet there is no evidence Pence used his exclusively for work or that it was any different than any past governors’ use of their private accounts.
For Hillary, it was encouraged that she was supposed to use her work account especially for security sake, and they were supposed to be easily archived and accessible. She ignored those protocols.
She didn’t hand over all her work-related emails according to the FBI. They felt there was enough in her email account to launch an investigation. There is no investigation into VP Pence’s breach. Comey said what she did was wrong, but DECIDED not to prosecute. This doesn’t mean what she did wasn’t criminal. Hillary lied about sending and receiving classified material.
From Washington Post: “Using a private account if you’re the governor of Indiana, where it’s legal to do so and you’re ostensibly dealing with much less-sensitive information, is much different than using a private email account exclusively to do work as secretary of state,who has access to many if not most of the nation’s top secrets.” https://www.washingtonpost.com/news/the-fix/wp/2017/03/03/why-mike-pences-private-email-account-is-way-different-from-hillary-clintons/
No security is 100%, and I am not excusing VP Pence’s mistake (which actually turns out having a private account may have been a necessity based upon Indiana law) but to compare it to Hillary’s private email server and to even suggest it is worse without considering the laws and circumstances surrounding the nature of the data and persons involved is quite frankly breathtaking.
Security doesn’t operate in a vacuum, and I am not in agreement with your analysis on this one. Thanks for listening!