Physical security of the Clinton e-mail sever

| March 10, 2015
Not an actual photo of the Clinton server room.

Not an actual photo of the Clinton server room at their house in Chappaqua.:-)

I’ve raised in prior posts (here and here) the issue of physical security of the clintonemail.com e-mal server, which is why were it was located and how it was set up matters. Last night, Mitch LaKind — who has experience setting up secure military e-mail servers — wrote me about the detailed issues surrounding Clinton’s approach. I’ll let him speak for himself (emphasis mine, though):

As a former contractor to the Air Force, I personally managed the Microsoft Exchange servers that were installed at Thule Air Base. My experience with Microsoft Exchange goes back to 1997, when the earliest versions were just being introduced. . . . So, I have a bit of knowledge myself when it comes to email.

Anyway, the point I wanted to make, and perhaps if you feel that it is noteworthy you can share my info to those that can get it out into the public eye, is about the Network that the email server was running on.

The US gov’t, and more specifically the DoD and State Department run the NIPRNet (non-classified Network) and SIPRNet (classified Network up to SECRET). Having a server, regardless of location would have to be on a network that met the rating for which classified material would be traveling over it.

It would be impossible for the Secretary of State to be effective at her job if she didn’t correspond about topics that had classified material. We don’t have to argue about whether or not she was effective .

So, if for example Clinton only dealt with SECRET materials and they were sent or received in her email, all of the equipment (routers, switches, etc.) would have to be rated for that SIPRNet connection. Also, the space in which the equipment and servers and client computers resided in would also have to meet the specifications for SECRET material. This would include various forms of physical access to the space in the form of secure cards, biometrics, etc. No space rated for SECRET opens with a key from the local hardware store.

That being said, if the room and equipment was rated for SECRET, it would leave a huge paper trail as all the equipment and effort to make the space secure would require procurement and assignment of goods and services. This would mean that the federal government was not only aware of the remote server, but also complicit.

Even a NIPRNet connection would have similar logistics behind it, because of the very nature the connection would have been some type of point to point to the server.

The biggest issue I see here would be is if the server was connected to the public Internet and it resided in a non-DoD-approved space.

Yeah, I’ll say. Other have been pointing this out, and I’ve touched upon it, but Mitch really gets to the heart of a key issue: either the Clinton server room — wherever that was — was SECRET-level secure, and the government was involved in setting it up, or it wasn’t, and that end of the communications link was at risk.

Neither answer looks good for HRC.  ..bruce..

[Here are all posts related to the Clinton e-mail issue.]

 

 

Be Sociable, Share!

Category: 2016 Election, Clinton E-mails, Information Technology, Intelligence, Pitfalls

About the Author ()

Webster is Principal and Founder at Bruce F. Webster & Associates, as well as an Adjunct Professor of Computer Science at Brigham Young University. He works with organizations to help them with troubled or failed information technology (IT) projects. He has also worked in several dozen legal cases as a consultant and as a testifying expert, both in the United States and Japan. He can be reached at bwebster@bfwa.com, or you can follow him on Twitter as @bfwebster.