Election Security: Important Advice and an Offer for Enhanced Support from Granicus
Cybercrime is at unprecedented levels as the USA enters the final phase of election preparations. Nation states, organized crime and individuals are all trying to penetrate online systems through brute force attacks, social engineering (like email phishing) and exploitation of systems vulnerabilities.
At Granicus, we view security as a product, a process, and a culture that spans our systems, our software, our data, and our people. We use internal and external experts to maintain our defenses. We proactively utilize edge-to-edge security, visibility, and carrier-class threat management and remediation. Our software is housed in Tier III data centers, includes two-factor authentication, data encryption, security scanning, infrastructure redundancy, and monitoring. Across our solutions we adhere to government grade security standards and regulatory measures like: FedRAMP, ISO27001, NIST, SOC 2 (SSAE 16), and many more. Every Granicus employee is trained and certified in cyber security practices annually. Along with our 24/7 full time security team, we partner with firms like Booz Allen Hamilton, BSI, Crowdstrike, Coalfire, and NCCGroup that enrich our capacity and response.
And our teams are constantly working to strengthen our approach, actively responding to the heightened security threats that the next few weeks present. However, there is a weak link in many agencies’ defenses.
That is why we are offering an Election Lock to counter the risk that unauthorized people – for example, recently terminated employees, contractors, users who might be sharing log-in credentials – will access your Granicus accounts. This offer enables you to lock down Granicus civic engagement products temporarily to ensure unauthorized use is not possible. The optional Election Lock prevents any outside actors from using your email, web, and/or civic meeting solutions. Even if your employees have been the subject of phishing attacks, their credentials cannot be used to access our systems during the lock down. With Election Lock, your community will only receive pre-scheduled messages.
Here are the details:
Applicable Products: govDelivery, govAccess, and govMeetings Send Agenda
Lock Time: Monday 11/2/2020 until Wednesday 11/04/2020
How to Opt In: Send an email to email@example.com on or before October 30, and our team will confirm your opt-in.
This is a completely voluntary offering. If you don’t plan on providing real-time updates to your community during the election, this offering will further secure your solutions.
Finally, while Granicus remains proud of its security, we are also diligent and proactive when it comes to our solutions. You won’t see us rest on our laurels – and neither should you. As a customer of any cloud-based government software, you can take measures to increase your defenses and protect against bad actors. As a reminder, you should consider these processes:
- Never share passwords or accounts
- Ensure users of the software are onboarded with training and stay authorized
- Define your administrators
- When staff depart the organization, immediately de-activate their system access
- Test your push-based communications with internal and external sends
- Test your web property updates
- Capture and maintain a map of your webpages and landing pages to ensure you know what the public is seeing
- Remind your team to stay diligent and escalate any suspicious activity
As always, if ever you have suspicious activity in your accounts, contact Granicus immediately at firstname.lastname@example.org. We stand ready to support you and ensure smooth civic engagement through the election and beyond.