The immense impact of a US Government classification mishap
FBI investigators are launching a new case to see if emails sent and received by Democratic presidential contender Hillary Clinton had the correct classification markings following revelations that an insider may have stripped the most serious “secret” markings from her emails.
Emails containing classified information – including spy satellite intelligence – were sent and received over Clinton’s private unsecured server, over a three month period. In the US, stripping classification labels from intelligent information is a felony under the federal law.
News legal analyst Judge Andrew Napolitano gave his comment on “Fox & Friends” stating that this scandal was “a grave situation” for the Clinton legal team, giving further comments later in the week that deleting classification labels from Clinton’s emails would constitute two felonies: One, altering a top secret document and two, storing a top secret document in an unsecured location – that being Clinton’s private server.
Most serious of all the allegations surrounding Clinton’s emails includes that information that was highly classified was mislabelled as unclassified. According to a report from the Intelligence Community Inspector General, the information in question should have been classified with labels up to the level of “TOP SECRET // SI // TK // NOFORN”. A full guide to the marking of classified information within the US Government can be found here.
With email being the primary communication and collaboration tool within most organisations, it comes as no surprise that the need enforce strict classification rules and regulations in order to keep information protected is more important than ever.
While many organisations are still using more simplistic classification approaches, like the US Government, where documents are manually classified using simple visual markings, the leading organisations are turning to data classification solutions, such as Boldon James Classifier. These solutions offer a more sophisticated approach to classification, while still remaining user-friendly and simple to use.
In addition to visual labels, Boldon James Classifier also adds a metadata label which can be used to both enforcing security policies and invoke and drive other technologies such as encryption, data loss prevention (DLP) and digital rights management solutions.
While not condoning the apparent violations of numerous US government rules and regulations, had Hillary Clinton’s team been using a data classification solution such as Boldon James Classifier to enforce their classification policy, the metadata label or tag would firstly have prevented the email from being sent outside of the organisation (to a private server for instance) even should the visual label have been removed.
Furthermore the metadata label will have invoked additional layers of security, such as encryption and data loss prevention tools to further enhance protection downstream. Unfortunately, the reality in this situation is, that by not following well recognised best practice, the Clinton campaign staff find themselves in a sticky situation, with it also safe to assume that foreign intelligence services including the likes of Moscow and Beijing will know exactly what Hillary’s “private” emails as Secretary of State contained.
Georgina is a Senior Marketing Executive at Boldon James. Reprinted from http://www.boldonjames.com/data-security-blog/no-ordinary-secrets-the-im...