"Parker is urging vendors and customers alike to shore up security of their systems by performing penetration testing and software audits and training employees, particularly those in IT departments. He also said that multi-factor authentication should be universally available for all such systems."
Aspirational at best. I'd love to see the governments in the US actually (not just lip service) buckle down and solve the severe threat current IT systems pose to our national security and privacy because they're actually intertwined concepts. You can't have one without the other.
But, court staffs are filled with people that can barely turn on computers, let alone understand the implications of their actions. They can't, and in many cases won't, think through things to their logical ends. Politicians that create and fund the mandates are no better, and in both cases theoretical ideological ends often override reality.
The vendors have no incentives to improve this system. There metrics are to minimize the number of support calls over the lifetime of their deployments. This disincentivizes changes to methods of access and utilization while incentivizing "common sense" - which is anything BUT common nor sensible in these cases - loop holes to security policies and enforcement.
