Responding to mounting questions, Hillary Clinton—the former U.S. secretary of state and a presumptive presidential candidate—said this week that she “opted for convenience” by using a personal email account instead of her official one.
But let’s be real: There’s absolutely nothing convenient about setting up a private email server, as Clinton says she did in her Chappaqua, New York, home. And security experts say her system may have had vulnerabilities that could have exposed correspondence to hackers and government snooping.
Setting up a server is no simple task. “It’s a pretty big job to maintain a server like that and make sure it’s properly configured,” says Peter Firstbrook, an Internet security researcher at Gartner. Firstbrook says such an endeavor is “highly unusual.” He has not heard of any companies whose executives had set up personal servers for work emails, let alone government officials.
To set a personal email server, someone would need to:
- Buy a server, which is about the size of a desktop computer.
- Buy an operating system to run the server, most likely a version of Microsoft Windows or Linux.
- Buy an exchange program to manage the flow of emails (Microsoft Exchange Server is the most common).
- Buy a digital certificate to certify that the server has been encrypted.
- Buy a domain name (in this case, clintonemail.com).
- Install the software.
- Install virus and spam filters.
- Set up firewalls, including a message-transfer agent, an email-specific firewall.
- Get a business-class Internet connection—a regular consumer connection likely isn’t reliable enough.
- Configure the devices using the server, such as Clinton’s BlackBerry.