From GeekWire, a techie website:http://www.geekwire.com/2015/why-the-clinton-email-server-story-matters-and-why-it-may-be-worse-than-you-think/Why the Clinton email server story matters — and why it may be worse than you think
Commentary: Let me start by saying what this article isn’t.
This isn’t an article about Hillary Clinton (in fact, for the rest of the article, I’m simply going to talk about the “Secretary of State” or “Secretary”). This isn’t an article about records retention and access and possible motivations around that. And it’s not about questions of the law.
This article is about actions that we know the Secretary of State took, and what it means from the point of view of information security.
Information security is the most important point in this whole situation, in my opinion. And because of the usual political nonsense, it’s getting lost and we can’t afford for it to get lost: it relates directly to critical matters of national security.
From this point of view, the facts are nearly undisputed. The Secretary of State did not use an email account that was hosted on an official State Department server. Instead, she used an email account on an outside server. All accounts indicate that this email account was used exclusively: the Secretary never used an official State Department email account hosted on State Department servers. And reports indicate that this email account was hosted on a physical server that was not physically under government control or protection. Some reports have even indicated that it was located in the Secretary’s personal residence. Some reports have characterized this as a “homebrew” server, and that’s apt and accurate.
These are the facts that we need to focus on from an information security point of view. Because if these facts are true, this can represent one of the most serious breaches in data handling that we’ve ever heard of.
This matters for three reasons.
Click link above for remainder of article.