Ensuring Secure Voting Machines

Posted: November 6, 2012 in Industry Commentary, Rethink Remote Access, VPN
Tags: , , , , ,

Last week, Rainer Enders, CTO of Americas at NCP engineering, was featured in an article by Bill Jackson, senior writer for GCN, about securing voting machines

In his post, Bill urged election officials to do “everything necessary” to combat against the threat of results from polling sites being manipulated through unsecured electronic systems. In particular, he says, election officials should pay careful attention to all results that are reduced to digital data, as they are most likely being stored electronically and transmitted over some type of network.

Here’s what Rainer had to say on the topic:

Fortunately, securing a networked voting system presents no particular challenge, Enders said. It doesn’t matter what type of information is being sent over the network, the solutions are the same.

“It’s critically important that as soon as you connect it to an external network it is secure and you don’t allow any unauthorized connections,” Enders said. And all data must be encrypted. “That is mandatory.”

Officials should not take too much comfort in the fact that election systems typically are up and operating for only a short time. “It does shorten the window of opportunity, but I don’t think it protects you too much,” Enders said. If an election system is being targeted, the attacker knows what that window is and will exploit it. He might not have time for a low and slow attack, but brute force is always an option.

The bottom line: This data is critical. “Don’t take shortcuts,” Enders said. “Use good, best-of-breed, standards-based security.”

 Bill also points out that – fortunately – there have been no reports of large-scale problems and the chances of it having an impact on today’s US elections are small. “But if the last 20 years of IT history security have taught us anything, it is that if something can be done, eventually it will be done,” he adds.

You can read the full article here.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s