Trump's response to N. Korea missile was posted on Facebook by Mar-a-Lago guests.

This weekend, as news of a ballistic missile launch by the Democratic People's Republic of Korea (North Korea) reached President Donald Trump and Japanese Prime Minister Shinzo Abe, President Trump got on his phone, and Abe consulted with staff. This didn't happen behind closed doors, however; it took place as members of Trump's Mar-A-Lago Club watched on in the resort's dining room. One club member even posed for photos with Trump's aide-de-camp—the Air Force major carrying the president's "nuclear football"—and posted pics of the scrum around Trump's table on Facebook.

Trump is comfortable conducting business over a meal. Last month, Trump approved a raid by US Navy SEALs in Yemen on an Al Qaeda compound not after a briefing in the White House situation room but rather over dinner with senior officials. These and other details of how the new president and his administration operate suggest that despite hitting Hillary Clinton hard for her security foibles, the Trump White House is not big on operational security (opsec).

President Trump may not be making phone calls on his old, vulnerable Android device, but he keeps it close at hand. He regularly posts to Twitter from his Samsung phone based on his Twitter metadata. And we know he's using an unsecured Android device because the secure one he's been issued wouldn’t even allow Twitter to be installed.

That mobile device is a highly modified Android-based phone from the Defense Information Systems Agency's DOD Mobile Classified Capability (DMCC) program. Trump was given a phone issued to President Barack Obama to replace his "Obamaberry"—a prototype from the DMCC's Top Secret-level product development. Unlike the Secret-classified device already being issued more widely by DISA—a customized Samsung phone—the presidential droid is apparently based on the Boeing Black, according to Defense One's Patrick Tucker. Only a few of the phones were issued by DISA. President Obama got one, and NSA/ US Cyber Command chief Admiral Michael Rogers got one as well.

But the presidential Black connects exclusively to a secured, dedicated virtual network for voice and data calls, and it runs a very limited number of applications—all of them communication-focused. It can't even make direct outgoing calls; all calls would be routed through the White House Communications Agency's virtual switchboard. When President Obama made the first post to the @PotUS account in May of 2015, the New York Times reported that he borrowed a staff member's iPhone.

So in order to post his Twitter missives, Trump has to either have someone else do it for him or carry his unsecured Android device with him—which he apparently does constantly based on his Twitter metadata. It's not even clear that Trump carries anything but his own Android device when he's at his Mar-A-Lago home.

Most senior executives, including the president, typically have secure compartmented information facilities (SCIFs) installed in their residences. President Obama traveled with a portable SCIF—a tent designed for taking secure calls. Such setups include white noise generators and Faraday-cage walls that contain electromagnetic radiation from communications devices.

It’s not known if Trump has one of these tents set up in his Mar-A-Lago home. But he took the call about the North Korean ballistic missile launch on an open terrace, surrounded by club members. While that's a sort of white noise generator on its own, this setup is not exactly the kind the White House security team would prefer.

It would have been the job of the White House's chief information security officer to try to get President Trump to comply with proper operational security practices. But Cory Louie, who was appointed to that position by President Obama in 2015, was apparently pushed out earlier this month. The overall federal CISO, Greg Touhill, resigned in January. Since they were both Obama appointees, the exits are not out of the ordinary—but no one has been selected to fill their positions. Additionally, there's been no announced candidate for the role of federal chief information officer—a job Trump may choose not to continue.

Aside from the standard information security concerns, however, there are other major worries about the Trump administration's security profile. Former NSA analyst and Observer columnist John Schindler reported recently that a Pentagon official said, "Since January 20, we’ve assumed that the Kremlin has ears inside the [White House Situation Room]." Schindler suggested that intelligence officials may be holding back sensitive information from the White House because of concerns that the White House—and National Security Advisor Michael Flynn in particular—have perhaps too much of a cozy relationship with the Russian government.

And if that's the case, then taking a sensitive call on an open terrace surrounded by the public may be the least of the Trump administration's opsec concerns.