DNC Email Scandal Shows What Must Be Done to Prevent Breaches, Leaks

As this is written, Debbie Wasserman Schultz, the chairwoman of the Democratic National Committee has resigned under pressure and effectively has been forced off the stage of her party’s convention.

But the release of thousands of emails from the DNC showing how the party leadership conspired to keep Senator Bernie Sanders from winning the Presidential nomination is not all bad because it revealed the fact that the breach took place.

While leaks were a huge embarrassment for the party as it prepares to nominate its presidential candidate, it’s really mainly a problem for a few people who were most responsible and therefore probably deserved it.

DNC hack

What would have been worse is a breach that went undiscovered while the depths of the DNC’s email were secretly mined indefinitely for information useful by its opponents, foreign or domestic. But perhaps more serious is the ongoing myth that email is somehow private or secret.

So let’s get that misconception put to rest immediately. Email is not secure, it’s not private, and acting as though it is will only get you into a world of hurt. The DNC should have figured this out from the woes of Hillary Clinton and her now public emails that gained her a public shaming from the Director of the Federal Bureau of Investigation.

In that case former Secretary of State Clinton set up her own email server at her home in an apparent effort to bypass federal archiving rules and to make her immune from Freedom of Information Act requests by the news media.

Email security

That effort backfired and while her emails may not have been taken by hackers, they were taken by the FBI, and subsequently released.

While this was going on the DNC was operating its own email server and as the released documents from WikiLeaks show, party officials were plotting the downfall of Clinton’s only serious challenger. This time the email wasn’t taken by the FBI, but apparently by the Russian government, although so far that hasn’t been entirely proven.

But the real issue isn’t who took the emails, but rather the fact that they were taken. Once they were taken and their contents were released it was clear the information in those emails had been treated with little respect by the people who compiled that archive of messages. Apparently both the DNC and Clinton had just assumed that they would never come to light. So they had done nothing to protect them.

This is the lesson for everyone in government, business or private individuals. These two examples should show just how insecure email is and how badly it can affect your organization when it turns out that you guessed wrong about email security.

Fortunately, there are things you can do that will prevent email leaks that could embarrass you or damage your organization.

Continues on page 2

Originally published on eWeek