I read the highlights of the FBI report on the state of security on that server. Any IT person reading it can only conclude Bryan Pagliano is a moron in the context of IT. My 15-year-old nephew could have done a better job securing that machine and connection.
The homebrew server had no encryption safeguards, poor security patching, badly configured firewalls, RDP left on default port, was run on a residential connection, etc. It was subject to multiple hacking attempts (including one successful one via Tor) requiring repeated shutdowns. A competent IT person who’s serious about sensitive information does not allow that to happen. There’s a reason Pagliano took the 5th during questioning by Congress and later co-operated with the Justice Dept in exchange for immunity.
As for Clinton, I doubt that anyone could have convinced her to use the State Dept server because of her personality and paranoia (some of it justified). A competent person could have mitigated the damage, but loyalty is more important than technical ability when politicians and executives like Clinton hire IT people.