In her initial tweet, Dorries claimed her staff had access to her computer, including interns on exchange programmes, to help her manage emails. After an initial reaction from Twitter users and news commenters, other MPs replied to her statement with their own security habits. One MP claims he regularly forgets his password and has to ask his staff for it, while another said he leaves his machine unlocked and shares his password with his office manager.
Aside from MPs, former employees also joined the discussion. A past researcher claims that when he worked for an MP, he would log on and use his boss’ computer regularly. A producer for BBC’s NewsNight added that MPs sharing login details with staff is common practice.
Security experts have already criticized the MPs, while the Information Commissioner's Office reminded them that they are obligated to secure their data. Sharing passwords is understood to be unsafe; the more people that are allowed access to a device, the more chances that the access will be abused either on purpose or accidentally. And enabling two-factor authentication—already widely available to even casual email users thanks to mega-breaches in 2016—should be in practice by any individual handling any kind of sensitive data.
Ultimately, the MPs seem to have a laid-back attitude regarding password security. This comes at a time when cybersecurity is a matter of concern across the globe. The UK Parliament recently suffered a cyberattack in June, with some emails compromised because of weak passwords. And the General Data Protection Regulation (GDPR), which gives organizations strict guidelines for cybersecurity, is set to take effect in May 2018. Data protection, which starts with a secure and private password, should be top-of-mind for all organizations.
Securing passwords is one of the most basic steps when protecting a system. Shared passwords are a weak point in an organizations cybersecurity—it allows attackers an easy entry point into the system. From then, a compromised email can lead to a number of different attacks, or these credentials can even be used to gain deeper access into the network.
As cybersecurity incidents like data breaches become more commonplace, strengthening security practices for email and online accounts should be a priority for all users. Here are some basic tips on how to secure email accounts, and also allow others to access to your email securely:
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.