Online Voting best practices for associations and organizations
It’s no secret that security and data breaches are on the rise. Recent reports have identified a 68% increase in data breaches between 2020 and 2021, affecting all types of organizations and associations from the Internet Society and the Red Cross, to the American Osteopathic Association and the American Payroll Association.
Cyberattacks have also become top of mind for many association leaders. A 2016 research brief from the American Society of Association Executives (ASAE) reported that most association CEOs and CIOs consider attacks to be unavoidable. Unfortunately, this feeling of the inevitability of such attacks combined with budget constraints and the effort involved in proactively improving security practices results in many associations leaving cybersecurity to be addressed only after an incident has occurred.
Taking all of this into account alongside the fact that many decision-making processes, like association meetings and elections, are now being organized virtually and online, it is clear that these events, if not protected by a secure and trusted solution, can be vulnerable to security breaches.
While your association may choose to implement an online voting solution for a variety of reasons, including streamlined event planning and increased member engagement, what security features and measures should you consider when deciding on a provider?
We recommend using the following checklist, which highlights key security measures that must be implemented in an online voting solution, and why they are important.
Encryption is of utmost importance in protecting sensitive organizational data and your members’ personal data, like names, addresses, and passwords, while they are stored on and sent over the internet. With encryption in place, if an attacker were to gain access to your data, such as in a ransomware attack, they would not be able to read it. All data related to your decision-making event and your members should be stored in an encrypted manner within the online voting solution.
End-to-End Vote Encryption
In addition to encrypting general data about your association and members, every ballot cast through an online voting solution should also be protected by end-to-end encryption. This means that when a voter clicks on the “CAST” button, their vote is directly encrypted on their device (one “end” of the voting process) and remains encrypted until it reaches the voting server and is included in the final tally (the other “end” of the voting process). With end-to-end encryption, the contents of a voter’s ballot always remain private.
Using digital signatures allows the voting server to verify that only eligible voters have cast votes in your meeting or election. Without digital signatures, an unauthorized user who gains access to the voting server could potentially add votes without being detected. Digital signatures should be easily created by your online voting provider, if necessary, and automatically applied to ballots before casting without any extra effort from the voter.
Secure Credential Delivery
In order to ensure that only eligible participants can gain access to your online voting platform, they will need log-in credentials. Often, these credentials are provided by the online voting provider. If this is the case, credentials should always be delivered in a secure format. This is commonly achieved through the use of one-time links and PIN codes. If sent by email, information should be provided so that your members can verify that the email has been sent from a trusted source, preventing email-related attacks.
Along with delivering credentials securely, an online voting solution should also implement multiple factors of authentication. This means that eligible participants will have to verify their identity through a set of identifiers, rather than merely a password. These factors might include a code sent to a voter’s email or phone and a membership ID number.
Providing voters with receipts or confirmation codes after they have cast their ballots is a method of individual verifiability and allows voters to check that their ballot was included in the final results. If an attacker has infiltrated the system and removed votes from the voting server, or prevented them from arriving in the first place, then the voters who cast them will not be able to locate their receipt in the list receipt numbers published at the end of the election. They can then alert authorities to the issue and the election can be revised.
While voting receipts offer some level of auditability, the entire election process should be auditable to election organizers as well as third parties. The mechanisms to achieve auditability vary across solutions and depend on your association’s needs. However, if a provider cannot offer details about how you will be able to audit a meeting or election with their solution, it is probably not the right solution to choose.
Experience and Expertise
While not necessarily a security feature, an online voting provider’s experience and expertise can tell you a lot about their solutions. A qualified provider should have years of experience helping organizations and associations of all kinds and sizes. They should also demonstrate the importance research and innovation has in developing their solutions to meet the security challenges of today and tomorrow.
The best way to tell whether or not a potential online voting provider offers these features is to ask them. We should also note that implementing these features should not require any extra effort from your association or your voters. Encryption, digital signatures, and credential and receipt delivery should all be managed and applied by your online voting provider and included directly within their solutions.