News MPs cough to password-sharing practices

Discussion in 'Article Discussion' started by bit-tech, 4 Dec 2017.

  1. bit-tech

    bit-tech Supreme Overlord Staff Administrator

    Joined:
    12 Mar 2001
    Posts:
    526
    Likes Received:
    11
    Read more
     
  2. Flibblebot

    Flibblebot Smile with me

    Joined:
    19 Apr 2005
    Posts:
    4,588
    Likes Received:
    134
    Damn those MPs and their annoying creaching ;)

    In most other organisations, sharing logon details is a disciplinary or even a sackable offence. I don't suppose we'll be so lucky with our MPs? :sigh:
    What's more worrying is that these people are in charge of important legislation like the Snoopers' Charter. How can they be expected to legislate on our national IT security when they don't seem to be aware of even the most basic of security precautions?
     
    DeckerdBR and Corky42 like this.
  3. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    9,420
    Likes Received:
    307
    Whoopsie-dupsie - I'll go fix, ta!
     
  4. GeorgeStorm

    GeorgeStorm Aggressive PC Builder

    Joined:
    16 Dec 2008
    Posts:
    5,673
    Likes Received:
    163
    Haha wow, and we're supposed to listen to some of these people about cyber security? :D
     
  5. Anfield

    Anfield Well-Known Member

    Joined:
    15 Jan 2010
    Posts:
    2,873
    Likes Received:
    55
    So I guess the £10 million for cyber security from here will be spent training MPs in how to keep their passwords safe?:naughty:
     
  6. Ramble

    Ramble Ginger Nut

    Joined:
    5 Dec 2005
    Posts:
    5,548
    Likes Received:
    29
    It's very convenient for MPs to do this as all auditing of their actions goes out the window.
     
  7. RedFlames

    RedFlames ...is not a Belgian football team

    Joined:
    23 Apr 2009
    Posts:
    8,091
    Likes Received:
    371
    Cue a clause exempting MPs and parliamentary staff from the Data Protection Act and/or Misuse of Computers Act getting snuck through in 3... 2... 1...
     
    Last edited: 4 Dec 2017
  8. wolfticket

    wolfticket Downwind from the bloodhounds

    Joined:
    19 Apr 2008
    Posts:
    2,605
    Likes Received:
    112
    They don't know what they're doing, and moreover they don't think it matters because they are in charge.
     
  9. RedFlames

    RedFlames ...is not a Belgian football team

    Joined:
    23 Apr 2009
    Posts:
    8,091
    Likes Received:
    371
    Also idly wonders how many of the MPs who've fessed up to doing **** like this, were also up in arms after that NHS Ransomware incident...

    'I don't need to know how Encryption works...'
     
  10. Corky42

    Corky42 What did walle eat for breakfast?

    Joined:
    30 Oct 2012
    Posts:
    7,612
    Likes Received:
    97
    I feel all warm and snugly knowing the people passing laws on my privacy and security can't even grasp the most basic tenants of both.
     
  11. Cheapskate

    Cheapskate Insane? or just stupid?

    Joined:
    13 May 2007
    Posts:
    9,435
    Likes Received:
    273
    I don't see why sharing their passwords is an issue. You know they are probably using the word, 'password' anyway.
    Also, I just figured 'creach' was one of those British-only words. :worried:
     
  12. theshadow2001

    theshadow2001 [DELETE] means [DELETE]

    Joined:
    3 May 2012
    Posts:
    5,091
    Likes Received:
    125
    If the problem is widespread, it's an indication that either their IT infrastructure or the governing procedures don't meet the actual working requirements of the MPs.
     
  13. Corky42

    Corky42 What did walle eat for breakfast?

    Joined:
    30 Oct 2012
    Posts:
    7,612
    Likes Received:
    97
    From what i gather the governing procedures are fairly unambiguous, there's the Advice for Members and their staff handbook, the Information Security Responsibilities handbook, the Data protection law that they actually passed, discussed, and voted on, and i dare say there's loads more rules and regulations telling them not to share their password and allowing any tom, dick, or harry access to their constituents confidential communications.

    It's also my understand that because MP's are using Office 365 that they can use 'delegate level access' so it seems doubtful that it would be an infrastructure issue.

    Apparently though we're all misogynistic trolls according to Nadine for making such a big issue of this, maybe that's why this hasn't been covered more by the media, i would have thought MPs from whatever party their from as it seems the practice of sharing login details is wide spread, i would have thought admitting that there's no confidentiality between constituents and the people they elected to represent them would be headline news, i guess I'm wrong though. /R
     
  14. ElThomsono

    ElThomsono Active Member

    Joined:
    18 Mar 2005
    Posts:
    2,552
    Likes Received:
    17
    With Amber "I don't need to understand how encryption works" Rudd at the helm, that's not surprising.
     
  15. theshadow2001

    theshadow2001 [DELETE] means [DELETE]

    Joined:
    3 May 2012
    Posts:
    5,091
    Likes Received:
    125
    I was referring to governance of the IT system such as access levels granted to people rather than the rules that users must follow.
     
  16. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    9,420
    Likes Received:
    307
    Article updated with MPs being told to stop being idiots by both the Parliamentary ICT Security team and ICO.
    More likely that the MPs have no idea what they're doing and are too arrogant to ask. I know for a fact they use Outlook with an Exchange server, and as Troy Hunt proves 'ere there are proper, fully-functional, secure, trackable ways to let your staff handle your emails without throwing your username and password at 'em - and they're literally a couple of clicks away at any time.
     
  17. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    9,420
    Likes Received:
    307
    Hey, @MLyons - it's done it again. I typo'd "breach" as "creach" in the lede, fixed it yesterday, and now it says "creach" again. (Well, not any more, 'cos I've fixed it again - but it did.)

    [​IMG]
     
  18. theshadow2001

    theshadow2001 [DELETE] means [DELETE]

    Joined:
    3 May 2012
    Posts:
    5,091
    Likes Received:
    125
    I'm not saying they're not inept and need training. Just that people doing silly things across a full organisation is an indication of systems and pragmatic reality not matching up. An indicator not a definite concrete piece of evidence.
     
Tags: Add Tags

Share This Page