The Dana Files: Part 2
Who cares about computer security?
Immediately after I hit “publish” on my post this morning about Computer Security in Missouri (where I talked about the Courts), I was reminded of the journalist who was threatened with jail for talking about a data security issue with our Department of Education—after it had been fixed.
I had to promise my husband this morning that he will not go to jail. A promise I hope never to break.
The first issue that became a problem between Dana and Dean was about the constituent management software contract. Dean wanted to switch to a commercial product, and Dana wanted to keep using what we have.
I don’t know about the Fireside contract, but based on my experience with computer security in Missouri, I’m tempted to think that a commercial product would be more secure than whatever we’re currently using. The judge’s signature issue and publishing employee Social Security numbers should be enough, even without retaliation for noticing. But I’ve also had my own personal concerns about security within the Missouri House. And Dana has been specifically unhelpful.
On May 9, 2023, during the last week of the legislative session, there was an attempted hacking into my government account, apparently by an IP address located either in the Middle East or in Europe. I was given a BS explanation by IT, who did not attempt to look into the issue.
I was directed to Dana Miller’s office so that I could file a police report, but I was never directed to Capitol Security to file a police report. Instead, Ms. Miller gave me a long-winded explanation (that was not related to the hacking attempt) about why the House did not have a backup server. She then told me that she would have a “private conversation” with the IT department. I was specifically excluded from that conversation.
I wrote a letter to Ms. Miller describing the situation. (Names of private individuals and information related to the attempted hacking redacted.)
This is the entire response I received.
That was over a year ago. We still do not have 2FA.
The Dana Files - Part 1 (How are nonpartisan staff elected?)