For a President and Administration as unconventional as Mr. Trump, the news about how The Most Powerful Twitter Account in the World was being secured was just another data point in a raucous and singularly unprofessional first week in office – the online equivalent of trash talking the United States’ second largest trading partner. (https://www.nytimes.com/2017/01/26/us/politics/mexico-wall-tax-trump.html)
But is having the Chief Executive’s Twitter account secured by a Google Gmail account really a security lapse? Not necessarily, according to security experts. In fact, Gmail may offer superior security to government-run platforms, The Security Ledger argues. (https://securityledger.com/2017/01/trump-securing-potus-with-gmail-is-reasonable-heres-why/)
“Companies like Google and Microsoft have invested billions of dollars in securing their infrastructure,” said John Ackerly, the CEO at the firm Virtru, a secure email provider. “If want your data to be secure, it’s tough to beat Google, Microsoft or Amazon’s cloud,” he said.
Indeed, Gmail offers a wide range back-end and front end security features that make it among the most difficult platforms to compromise – providing users take advantage of those features. Among them: detection of nation-state attacks, protection against account takeovers, strong encryption for all Gmail data both at rest and in transit, and the availability of strong second-factor authentication options such token based authentication and soft second factors like SMS codes and Google Authenticator.
In contrast, the U.S. government has struggled to secure its own IT assets. In fact, a report by GAO in 2015 listed “personal identity verification” (http://www.gao.gov/assets/680/670936.pdf) as a top cyber security challenge for government agencies. By GAO’s accounting, only 41 percent of user accounts at 23 civilian agencies had required these credentials for accessing agency systems.