Early this year I spoke about how 2016 will be all about security. Now as we are almost half way through, it looks like I was right. In the US, the FBI is still investigating the use of a private email server by presidential hopeful Hillary Clinton. And now it seems we have a Dutch version, with a notable reasoning for it.
Economic Affairs minister Henk Kamp admitted on national television that he sometimes uses his private email account to receive emails from his department ‘from civil servants on every level’. What kind of emails and what kind of (sensitive) information is in them, he did not mention. Why did he use his private email for this? ‘Because that works easier.’ That is troublesome.
Kamp’s private email is a Gmail-account. That means that the emails for his department are on an American server! This also means that the American federal government has access to – potentially sensitive – Dutch information. I think that is very troublesome! Another problem with this, is that his account was hacked, probably by using phishing. It is because of this hack and the Minister filing charges on this, that we now know he uses this account.
The reason he uses his Gmail-account is that it is easier to work with. The Dutch government works with closed systems, accessible through VPN, which makes it really hard to access through a mobile device, and with elaborate passwords that need to be changed every couple of months. And the new passwords have a lot of restrictions. This kind of extensive security makes that people write down their passwords. Or, do as Henk Kamp, and use unencrypted accounts as their email service.
It turns out that all these layers of security make it more insecure. While security is of course of the utmost importance, we should keep in mind that we need security as a solution that both helps secure our data, but also lets us get access to that data in a normal way. If we have such a level of security that we need a photographic memory to remember all those different and difficult passwords – then Henk Kamp shows us that we have actually made the situation insecure by trying to make it too secure.