{"id":7774,"date":"2015-03-10T10:00:12","date_gmt":"2015-03-10T15:00:12","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=7774"},"modified":"2015-03-10T10:00:12","modified_gmt":"2015-03-10T15:00:12","slug":"the-ambassador-who-worked-from-a-nairobi-bathroom-to-avoid-state-dept-it","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2015\/03\/10\/the-ambassador-who-worked-from-a-nairobi-bathroom-to-avoid-state-dept-it\/","title":{"rendered":"The Ambassador who worked from a Nairobi bathroom to avoid State Dept. IT"},"content":{"rendered":"<p style=\"text-align:center;\"><a href=\"http:\/\/arstechnica.com\/information-technology\/2015\/03\/the-ambassador-who-worked-from-nairobi-bathroom-to-avoid-state-dept-it\/\"><img data-recalc-dims=\"1\" height=\"325\" width=\"640\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/03\/nairobi1web_944_1-640x325.jpg?resize=640%2C325\" alt=\"\" \/><\/a><\/p>\n<p>The current scandal roiling over the use of a private e-mail server by former Secretary of State Hillary Clinton is just the latest in a series of scandals surrounding government e-mails. And it\u2019s not the first public airing of problems with the State Department\u2019s IT operations\u2014and executives\u2019 efforts to bypass or work around them. At least she didn\u2019t set up an office in a restroom just to bypass State Department network restrictions and do everything over Gmail.<\/p>\n<p>However, another Obama administration appointee\u2014the former ambassador to Kenya\u2014did do that, essentially refusing to use any of the Nairobi embassy\u2019s internal IT. He worked out of a bathroom because it was the only place in the embassy where he could use an unsecured network and his personal computer, using Gmail to conduct official business. And he did all this during a time when Chinese hackers were penetrating the personal Gmail inboxes of a number of US diplomats.<\/p>\n<p>Why would such high-profile members of the administration\u2019s foreign policy team so flagrantly bypass federal and agency regulations to use their own personal e-mail to conduct business? Was it that they had something they wanted to keep out of State\u2019s servers and away from Congressional oversight? Was it that State\u2019s IT was so bad that they needed to take matters into their own hands? Or was it because the department\u2019s IT staff wasn\u2019t responsive enough to what they saw as their personal needs, and they decided to show just how take-charge they were by ignoring all those stuffy policies?<\/p>\n<p>The answer is probably a little bit of all of the above. But in the case of former ambassador Scott Gration, the evidence points heavily toward someone who wanted to work outside the system because he just couldn\u2019t stand it.<\/p>\n<p>Take this IT and flush it<\/p>\n<p>Shortly after his arrival in Nairobi, Gration \u201cbroadcast his lack of confidence in the information management staff\u201d of the Embassy, the State Department Office of the Inspector General noted in an inspection report on the embassy that precipitated Gration\u2019s resignation:<\/p>\n<p>Because the information management office could not change the Department\u2019s policy for handling Sensitive But Unclassified material, he assumed charge of the mission\u2019s information management operations. He ordered a commercial Internet connection installed in his embassy office bathroom so he could work there on a laptop not connected to the Department email system. He drafted and distributed a mission policy authorizing himself and other mission personnel to use commercial email for daily communication of official government business. During the inspection, the Ambassador continued to use commercial email for official government business.<\/p>\n<p>Gration\u2019s demands and \u201cflouting of direct instructions to adhere to Department policy \u201c put the IT staff at the embassy in Kenya in the position of having to choose between making their boss happy and following State Department regulations and government information security requirements. When they failed to respond to Gration\u2019s demands in a timely fashion, he escalated things by \u201cpublicly berating members of the staff, attacking them personally, loudly questioning their competence, and threatening career-ending disciplinary actions,\u201d the IG\u2019s office reported. \u201cThese actions have sapped the resources and morale of a busy and understaffed information management staff as it supports the largest embassy in sub-Saharan Africa.\u201d<\/p>\n<p>Apparently, Gration\u2019s impatience with IT extended to not using his secure email and the \u201cfront channel\u201d secure diplomatic cable system. The Inspector General\u2019s inspection team observed that \u201cthe Ambassador does not read classified front channel messages. No one in the mission screens incoming cables for the Ambassador relevant to Kenyan and US interests in the region. The OIG team also observed that the Ambassador very infrequently logs onto his classified account, which would allow him to read cables and classified emails.\u201d In the end, the IG team recommended that somebody check his accounts for him and screen messages for relevance.<\/p>\n<p>In other words, Gration was the end user from hell for an understaffed IT team in a politically sensitive outpost. \u201cHe has willfully disregarded Department regulations on the use of commercial email for official government business,\u201d the IG report noted, \u201cincluding a front channel instruction from the Assistant Secretary for Diplomatic Security against such practice, which he asserted to the OIG team that he had not seen\u201d\u2014because he never used his secure network account.<\/p>\n<p>What could have possibly motivated that sort of behavior from a man who had clearly dealt with secure government IT systems in the past as an Air Force major general? In part, it may have been that regardless of how competent the IT team at the Nairobi embassy was, State Department information systems might make working out of a bathroom look good to anyone accustomed to more corporate IT.<\/p>\n<p>Read More: <a href=\"http:\/\/arstechnica.com\/information-technology\/2015\/03\/the-ambassador-who-worked-from-nairobi-bathroom-to-avoid-state-dept-it\/\" target=\"_blank\">The Ambassador who worked from a Nairobi bathroom to avoid State Dept. IT | Ars Technica<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The current scandal roiling over the use of a private e-mail server by former Secretary of State Hillary Clinton is [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[6,7,10],"tags":[420,524,590],"class_list":["post-7774","post","type-post","status-publish","format-standard","hentry","category-networking","category-security","category-technology","tag-gmail","tag-information-technology","tag-kenya"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-21o","jetpack-related-posts":[{"id":8157,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/04\/29\/researcher-claims-that-attackers-can-easily-bypass-current-osx-security-tools\/","url_meta":{"origin":7774,"position":0},"title":"Researcher claims that attackers can easily bypass current OSX security tools","author":"NCCT","date":"April 29, 2015","format":false,"excerpt":"Most Mac users feel as though they are impenetrable to viruses and malicious software, but according to one researcher that is not the case. While Apple has its fair share if security measures in place, recent data has surfaced suggesting those tools are \u201ctrivial\u201d for any attacker to bypass. For\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8626,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/09\/16\/report-new-hack-lets-an-attacker-bypass-password-locked-android-home-screens-2\/","url_meta":{"origin":7774,"position":1},"title":"Report: New hack lets an attacker bypass password-locked Android home screens","author":"NCCT","date":"September 16, 2015","format":false,"excerpt":"If no one has been able to convince you to take your device\u2019s security seriously, perhaps this hack will do it. A video uncovered by Ars Technica shows someone able to use the emergency call access to gain entry to a locked phone, even though it\u2019s protected with a password.\u2026","rel":"","context":"In &quot;Hardware&quot;","block_context":{"text":"Hardware","link":"https:\/\/nccomputertech.com\/techtalk\/category\/hardware\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/J-pFCXEqB7A\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":6892,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/11\/19\/att-kills-the-permacookie-stops-tracking-customers-internet-usage-for-now\/","url_meta":{"origin":7774,"position":2},"title":"AT&#038;T kills the &#8216;permacookie,&#8217; stops tracking customers&#8217; Internet usage (for now)","author":"NCCT","date":"November 19, 2014","format":false,"excerpt":"In recent weeks, Verizon and AT&T have been caught up in a privacy firestorm over their use of so-called \u201cpermacookies,\u201d a method of tracking what their users do while browsing the Web with the intent of sharing that data with advertisers. Verizon\u2019s permacookie program lives on, but AT&T has ceased\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8771,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/12\/07\/microsoft-global-law-enforcement-agencies-disrupt-dorkbot-botnet\/","url_meta":{"origin":7774,"position":3},"title":"Microsoft, global law enforcement agencies disrupt Dorkbot botnet","author":"NCCT","date":"December 7, 2015","format":false,"excerpt":"By Shawn Knight | Techspot Microsoft, in cooperation with a number of law enforcement agencies around the world, managed to disrupt a botnet that\u2019s infected over a million PCs across more than 190 countries. First discovered in April 2011, Dorkbot is an IRC-based botnet that has been commercialized by its\u2026","rel":"","context":"In &quot;Networking&quot;","block_context":{"text":"Networking","link":"https:\/\/nccomputertech.com\/techtalk\/category\/networking\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7345,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/01\/07\/netflix-begins-blocking-users-who-bypass-region-locks\/","url_meta":{"origin":7774,"position":4},"title":"Netflix begins blocking users who bypass region locks","author":"NCCT","date":"January 7, 2015","format":false,"excerpt":"Netflix has begun blocking users' access to the service when it detects that a geolocation bypassing utility, such as a proxy or VPN, is being used. Although these blocks are currently limited in scope, it could be a precursor to a wider crackdown by the popular streaming service. Over the\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6054,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/07\/23\/security-expert-details-multiple-undocumented-services-running-on-all-ios-devices\/","url_meta":{"origin":7774,"position":5},"title":"Security expert details multiple undocumented services running on all iOS devices","author":"NCCT","date":"July 23, 2014","format":false,"excerpt":"During a recent hacker conference, forensic scientist and iPhone jailbreaking expert Jonathan Zdziarski outlined a number of undocumented high-value forensic services running on every iOS device. He also found suspicious design omissions in iOS that make data collection easier according to a report from ZDNet. Zdziarski notes that while Apple\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/7774","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=7774"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/7774\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=7774"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=7774"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=7774"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}