The last few days has seen the UK’s House of Commons in the midst of a cybersecurity blunder. Following Damian Green’s pornography scandal, Nadine Dorries tweeted:

Since the tweet went live, it’s created a stir among the cybersecurity community. Dorries defended the practice saying that MP’s have to deal with vast amounts of emails, so had to give her staff the ability to read them and respond. However, it’s been widely pointed out that you can distribute access to email without needing to share your login credentials.

Foregenix have recently featured on BBC Wiltshire, discussing password security and the future of passwords. You can listen in to that here

Following the negative response online, more MP’s, namely Nick Boles and Will Quince, have come out as password sharers.

This lax approach to password sharing has prompted a response from the Information Commissioners Office:

“We’re aware of reports that MPs share logins and passwords and are making enquiries of the relevant parliamentary authorities. We would remind MPs and others of their obligations under the Data Protection Act to keep personal data secure.”

Allowing other people to have access to your computer can have dire consequences for network security. All it takes is for someone to unwittingly download a file, click a link, or plug in a USB stick with an infected file to completely cripple a business.

It’s not uncommon for breaches to stem from an internal source, so minimising the possibility is crucial. A password to an MP's computer could be worth a lot of money to those who would seek to damage our infrastructure. 

It's important not to share your login credentials, no matter who you are. It’s not a question of how much you trust your employees with your details, but rather how much you value your business.

Under the new GDPR legislation coming into force in May 2018, we could see greater punishments for organisations not taking appropriate measures to stay secure.