The first wave of MPs have already begun reporting for duty at the Palace of Westminster, creating an urgent need for IT staff to prepare email accounts, network access, government laptops and other IT resources for MPs and their staff. At the same time, hundreds of MPs lost their seats or stood down at the May 6th election, creating an equally pressing need to disable surplus accounts, ensuring that network and data security is maintained.
Failure to safeguard confidential internal and customer data can expose a government department to a multitude of regulatory and legal challenges, particularly if any subsequent investigation finds that reasonable steps were not taken to safeguard such data because spending on and attention to data governance had been reduced. The risk of this happening can be amplified by the chaos and confusion created by a massive simultaneous influx of new staff and mass departure of redundant staff, as we are seeing within both central and local government in the UK.
As illustrated by data losses at HM Revenue and Customs, various NHS departments and the Ministry of Defence, legitimate IT access credentials can cause more damage than invasive hacking, making access credentials belonging to former employees and contractors with by far the most serious threat to information security facing parliamentary IT staff over the coming days and weeks.