The Role of Identity in Election Security: Helping States Protect Critical Election Systems
Fall is here and Americans are preparing to cast their ballots in the midterm elections. There are many things on the minds of voters as they make their decisions on who to best represent their interests, and this year, another issue that they keep seeing in the news is security and the integrity of our elections. Recent revelations from the Democratic National Committee, Microsoft, and Facebook all reveal a common thread – bad actors are still actively targeting our election system. As we near this American tradition, election security has become an increasingly pressing issue for the organizations responsible for putting on our elections, tallying the votes, and recording the results.
To help mitigate potential cyber threats, the National Association for Secretaries of State is liaising with the federal government on behalf of the states to urgently improve security ahead of the midterms. Congress has already acted with the passing of the Consolidated Appropriations Act of 2018, signed into law on March 23, making $380 million available in grants to states to improve the administration of elections, including to enhance technology and make security improvements. That may seem like a lot at first, but when divided among the states, then looking at the many legacy, disparate systems each state needs to upgrade and secure, the resources and funds available need to be allocated smartly.
With so much at stake, where should states focus their resources? First, let’s note that we’re focusing here on the security of administration of the election itself. From this election system standpoint, there are four areas where states need to devote their security resources:
-
Voter registration database
-
Election management system
-
Election night reporting systems
-
Electronic voting machines
While physical voting machines carry distinct challenges, there is one critical step for securing the first three – the voter registration database, election management system, and election night reporting systems – that can ensure outside actors are unable to gain access to, and potentially change, election results or cause chaos and confusion on election day.
With more than 80% of breaches caused by poor or stolen credentials, identity is core to mitigating these attacks. For example, states must protect the identity and validity of every voter in the database to ensure that our democratic process is fair and that it works as our founders intended: one person, one vote. And, after the voting window has closed, we need to make sure no one can tamper with the results. Yet, while the need here is clear, it’s unrealistic to expect any organization to spend 80% of their security resources on identity-focused systems.
Instead, states should concentrate their identity investments on foundational technologies and policies that provide multiple layers of protection around user access:
-
First, by setting stringent identity-driven access policies, election organizations can better ensure that only the right people can access and make changes to the registration database, or the results themselves. Poll workers, for example, may need access to view and confirm voters’ registration, but there is no reason for them to have the ability to change records without further review.
-
Similarly, any external systems that connect to these core databases or election management systems should also have access security. APIs are a powerful way to develop innovative and improved systems both within and among organizations – but similar practices should be put into place to ensure that those accessing these now open APIs to sensitive election data are the right people as well.
-
In addition to these core access policies, organizations need to ensure that as election officials change roles or leave the team, their access is consistently controlled. Using technology that allows the election IT teams to easily manage the ‘lifecycle” of a user makes it possible to quickly provision or, if someone leaves the organization, deprovision them from all systems quickly and securely – ensuring they can’t take action as a potential insider threat or become another target for compromise.
-
Finally, states should make sure that there are multiple checkpoints for every user to confirm they are who they say they are – preventing a lost (or poor) password from being the achilles heel in the system. Multi-factor authentication for election security isn’t a silver bullet, but it’s a critical protective measure that all organizations must implement. Layered with stronger cyber hygiene and user education around common attacks such as phishing, MFA is key to mitigating user-focused attacks that might, in its absence, allow an attacker to gain access to our election systems.
There is a lot that can help protect our elections this November, and for years to come. Each of these security aspects can also be used as components of a modern voting app, serving as the identity layer and foundational component to the modern security stack both for election workers and for voters – one that will be able to support both as they grow and evolve in the long term. The reality of today’s threat landscape is that our greatest strength is also our greatest weakness – people. By investing in identity and access management, state election teams can focus their limited resources on a technology that addresses a potentially major area of weakness, enabling voters to focus on their task at hand: participating in our democratic process.