5 Lessons Businesses Should Learn From the Clinton Email Scandal

Businesses should learn from Hillary Clinton’s email scandal that there is a right way and a wrong way to handle email. Here are some best practices to steer clear of potential issues.

The technical nuances of email and the possible ramifications of improper use and storage aren’t readily apparent to the layperson lacking an IT background. While users may believe they are sending confidential notes to their contacts, in reality those “confidential” notes could be harvested to ascertain what is being said when and to whom through mandated legal copies of the email data. And because email systems are extremely free-form and difficult to regulate, many emails, like Clinton’s, can be sent to people on other systems that are potentially even less secure or compliant than hers. By understanding email complexities, a business will appreciate the need for a central archive that serves as a single, tamper-proof source of truth.

Archiving emails is one of the best ways to offset email’s free-form behavior. It’s not enough to rely on ad hoc data harvesting; organizations must establish archiving systems that preserve and protect all emails, ensuring that their contents can be easily retrieved when needed. An email archive helps maintain governance policies and defend against any potential claim arising from an email sent from a business. If Clinton’s IT team had archiving in place, her emails under investigation could have been quickly accessed, searched and easily retrieved, mitigating the backlash she has endured due to the way the email discovery and disclosure process was handled.

Archiving is for the long-term preservation of an organization’s critical communications, and storing that data in an accessible repository with immutability and security features is critical. An overall governance plan for the executive branch set by the government should have been put in place to eliminate any questions around the email data integrity and security.

The vast amount of data in email systems presents a huge opportunity for businesses to leverage cloud-powered insights, which have the capability of alerting businesses of suspicious emails or risky actions by an employee before they result in significant problems for the company. By using data insights to identify trending rogue behavior, businesses can take preventative measures to ensure they are avoiding potential disasters for their organization. In Clinton’s case, a single audited source of her email could have quickly identified what she was doing and taken quicker action to solve the issue before it was too late.

While archiving is not frontline email security, it does play a part in an overall governance and preservation plan. Many cyber-security experts have expressed concerns that the bigger scandal in the Clinton email controversy is not the contents of the emails themselves, but the vulnerability of her system to attack by sophisticated hackers. An example came in 2011 when an alleged group of hackers sent Clinton a phishing scam, disguising five emails as New York City speeding tickets. The Clinton campaign confirmed that the former secretary of state did not open those emails. Every business should consider the importance of its security and need to be especially vigilant when dealing with email data.

Email is the most ubiquitous method of communication for organizations large and small, and has proven to be an invaluable tool due to the data insights it provides. All businesses can learn a valuable lesson from Clinton’s email mistakes. By proactively implementing an email usage policy, using an archive provides a method to meet both governance and security requirements, thereby helping an organization mitigate uncertainty or risk. The use of a secure, accessible and auditable repository gives organizations the advantage of detecting an issue before disaster strikes. For Clinton, a central archive could have meant the difference between an easy win and the unwanted scrutiny she is facing today.