The pressure to ensure the security and incorruptibility of our election process has never been higher. Municipal clerks, responsible for the administration of a guarded and unsullied democratic process, are looking for guidance and advice to help them reassure their citizens and foster the type of fail-safe democratic process on which our nation was founded. To assist municipal clerks, we are offering suggestions for election security initiatives in advance of November 2020.
Defend, Detect, Recover
Clerks and election officials across the nation must commit to a promise to help defend, detect, and recover. An impermeable process is next to impossible given the wide variety of systems used to run elections, including paper pollbooks, electronic pollbooks, voter registration and election management systems, ballot printing systems, mail ballot preparation and processing systems, websites with voter tools and public information, and even geographic information systems (GIS). The goal instead must be to ensure that no attack exceeds our ability to detect and recover from the threat. Such responses may including recounting ballots or retrieving data from backup servers.
Collaborate with Nearby Communities
Even though municipalities operate their elections independently, the threat to democracy is a shared peril. Local governments must maintain open lines of communication with one another and share training resources as well as insights regarding dangers and identified incidents.
Evaluate Your Voting System
Paper ballots may offer the most reliable barrier to tampering, as they represent a tangible and auditable record of each vote, making them impervious to cyberattacks. They are also, however, manually time-consuming to manage, especially if a recount becomes necessary. Consider the implementation of modern voting software that acquires a digital record of each paper ballot to streamline the auditing and record-keeping process. From a best practice perspective, digital scanning devices that create images of ballots are more reliable than scanning devices that do not keep an image record. Similarly, ballot marking tools are considered more reliable than machines with paper audit trails.
If your municipality does not utilize a paper-based election system today, consider adding a paper verification element as the definitive record of each voter’s intention. When implementing voter registration or election security software, incorporate forensics capabilities. Such tools allow administrators to compare snapshots of deployed software with a reference copy during the election to verify it is operating as expected.
Evaluate Your Voting Processes
Bring your integrated election day and security teams together for an onsite, day-long workshop to evaluate and optimize your election day workflows. Outline all your voting systems and processes and poke holes in possible vulnerabilities, from staffing deficits to registration systems, to e-pollbooks and paper ballots. By outlining the process and walking through all possible data points, you may be able to identify weaknesses and threats before someone else does. Ensure your methods include redundancy safeguards for auditing and accuracy purposes, such as paper pollbooks to back up malfunctioning electronic devices or records of electronic ballots.
Implement Best Practices
The Center for Internet Security recommends 20 cyber controls and resources that all municipal IT departments should consider as part of their overarching cyber protection strategy, particularly as it relates to election protocols. The recommendations include:
- Basic CIS Controls:
- Inventory and control of hardware assets
- Inventory and control of software assets
- Continuous vulnerability management
- Controlled use of administrative privileges
- Secure configuration for hardware and software on mobile devices, laptops, workstations, and servers
- Maintenance, monitoring, and analysis of audit logs
- Foundational CIS Controls:
- Email and Web browser protections
- Malware defenses
- Limitation and control of network ports, protocols, and services
- Data recovery capabilities
- Secure configuration for network devices, such as firewalls, routers, and switches
- Boundary defense
- Data Protection
- Controlled access based on the need to know
- Wireless access control
- Account monitoring and control
- Organizational CIS Controls:
- Implement a security awareness and training program
- Application software security
- Incident response and management
- Penetration tests and red team exercises
Train All Staff
Seek the advice of outside counsel. Partner with external digital and election security experts to offer training to all election day staff, including volunteers. Also, consider partnering with an external consultant to assess your digital security threat levels and provide recommendations to safeguard your infrastructure and data stores.
Staff a Dedicated Expert
Consider the addition of an information security officer to your integrated election administration team. Talk to your information technology team about the viability of such a hire. Depending on the size of your municipality, your staff, and your budget, a new hire with expert digital security knowledge may be a challenge. If so, consider expanding the role of one of your digital experts who can be trained to take on the responsibilities of identifying and implementing systems to safeguard data, detect cyber threats, respond, and recover. Such experts can help you and your IT team to mitigate the vulnerable attack vector and your chance of a data breach.
Explore Audit Opportunities
Contact your state officials and discuss the possibility of implementing an audit system for all local elections. Such discussions will be more impactful if the effort to advocate for such investment is a collaboration among a large group of counties, cities, towns, and villages in your state. As mentioned before, the most safeguarded voting process includes both paper and digital records. For this reason, ideally, any audit processes should consist of a visual comparison of a paper ballot with a digital file.
Implement Administrative Protections
If breached, clerk and election administrator master software accounts pose a high risk of data corruption, confiscation, or ransom. All master election system accounts should be protected with multi-factor authentication (MFA) protocols.
Practice Emergency Scenarios
In the months leading up to election day, work with internal staff and external consultants and vendors to practice disaster defense, detection, and recovery procedures.
Funding Safeguarding Strategies
We must acknowledge that the aforementioned recommendations will come with a lofty price tag. Voters and elected officials must approve funding for these safeguards, especially considering the inherent risks to our democratic system. Understanding that such an investment may not be feasible within existing budget constraints, create a ten-year election security roadmap, and budget for incremental improvements over the course of the years.
Many elected officials are predicting high levels of citizen engagement and voter turnout for the 2020 elections. Knowing that municipal clerks and their IT support teams are on the frontlines of election security, starting the assessment, troubleshooting, and optimization process now can help mitigate threats to democracy in November 2020.