The recent sacking of Yair Ramati, Israel’s now-former missile defence chief, seems the latest of a string of high ranking officials succumbing to the lure of using their personal computers for work purposes. What would possess Ramati to store top secret data on Israel’s defences on a very unsecure and very hackable piece of equipment? He’s rightly lost his job but let’s note, Ramati is not alone in this tendency.
Earlier this year, Hillary Clinton was raked over the proverbial for having used a personal email server for government business, including emails containing information that was labeled as ‘top secret.’ Clinton’s email fiasco may potentially cost her the presidency (should she progress to becoming the leader of the Democrats), depending on the results of a FBI investigation into the issue. The investigation is examining the extent to which US government’s security was compromised, and to whom the responsibility lies for any security breaches.
Malcolm Turnbull, the Australian PM, is currently using a private email server, as well as various mobile apps for the purposes of communication. His justification? Because government servers aren’t necessarily more secure. Fair enough, but they certainly strive to be, and there’s also that niggling question of transparency to the people who voted you in…
Here in BC, our premier Christy Clark has been triple deleting sent emails, meaning that sent emails are deleted, then the trash folder contents deleted, then the backup folder contents deleted. Each step is manual. It’s not accident to triple delete. She begged ignorance of the practice. Our provincial laws dictate that all government information be available to a Freedom of Information request (with some limitations, pertaining to confidentiality, privacy, and security), so this particular data deletion is damning to Clark, should the voter care.
Unfortunately, most people don’t seem to care about these kinds of security breaches. These articles come and go, and it is only really the tech (and intelligence) community who understand the depth and seriousness of these incidents. Data, information that is to say, is pure gold to foreign entities. Improper storage of confidential and secret data is like leaving the front door open to your house, and just begs to be broken into.
The irony is that most organizations demand confidentiality and secure use of organizational data by the Joe Average employee. Somehow, the ruling elite seem to think that security rules don’t apply to them. Perhaps it’s even ‘just’ a case of that they can’t be bothered to learn their organization’s security protocols. Many of us have witnessed the blatant eye rolling and glazed expressions of executives when faced with having to learn something about the computers that they use on a day-to-day basis. Such an attitude is not only disrespectful to IT departments, it is also a colossal mistake to disregard the importance of data security.
For better or for worse, it’s good that Yair Ramati was fired; his mistake could have potentially cost the security of his country. In these troubled times in the Middle East, Israel can’t afford mistakes. Other countries, governments, organizations, would do well to heed Israel’s example, and perhaps more importantly, educate their ruling elites.