Most organisations are familiar with Bring Your Own Device; fewer with Bring Your Own Server. But that's what Hillary Clinton did while Secretary of State. Clinton may still be charged but the FBI has just decided using her own server to deal with classified information and therefore skirting Public Records Act requirements was not enough for it to recommend criminal charges be filed.
Putting the political angle to one side, it's a great reminder that information security isn't "set and forget". BYOD is fine in theory - but not only does it need to be regulated, it needs to bemonitored. No matter how clear a BYOD policy might be, it's almost certainly more convenient to ignore it. Convenience was Clinton's excuse.
Not only can BYOD mean valuable information is siloed, it can affect an organisation's compliance with the Privacy Act.
Making sure your organisation's information is secure but can be controlled and won't be lost should be top of the CIO's list.
Clinton deleted or her email system purged many of those emails over time. Because Clinton wasn’t working with a government server or even a commercial service like Gmail, no archive existed