Elections Security

​To protect the integrity of Oregon’s elections and other systems, The Office of Oregon Secretary of State (SOS) has multiple layers of defense controls, including hardware and software designed to prevent cybercriminals from gaining access or misusing our systems. 

We routinely perform threat analysis and risk assessments on our systems. Assessments are done by internal staff as well as third parties contracted to perform assessments. As a result, we continue to improve security processes and protections for all systems.

Preventative and Detection Measures

We use both preventative and detection measures including:

  • Patch and vulnerability management
  • Firewalls
  • Continuous monitoring of systems
  • Incident management planning and tools
  • Security training

Increased Security

Over the past year we increased our security efforts with:

  • Upgraded network firewalls
  • Requiring a VPN to access the SOS network remotely
  • Upgraded antimalware solution with enhanced monitoring and alerting for unusual activity
  • A third party risk assessment, including controls assessment, physical security testing, social engineering testing, and network penetration testing
  • Third party penetration testing of ORESTAR
  • Upgraded log collection and monitoring system to handle increased amounts of system and application data in order to increase our visibility and understanding of system activity.
  • Nearly doubled the amount of security dashboards used to monitor and audit security data from the SOS network and systems.
  • Mitigated identified application security vulnerabilities
  • Provided Oregon Counties secured upload platforms from which to transfer elections data

Continued Efforts

Security systems are never finished and need to continue to be improved and modernized. We are currently implementing:

  • Inspection of encrypted traffic
  • Network access control – detection and blocking of unauthorized devices attempting to access the SOS network.
  • Ongoing phishing campaigns to test and educate staff.
  • Ongoing testing and scanning for application security vulnerabilities We are also in the planning phase of the following projects that will be completed before the 2020 Primary Election:
  • Multi-factor authentication for county elections staff
  • Election system disaster recovery
  • Increased monitoring and log collection for OCVR
  • Install agents on high value targets’ workstations to collect and forward log data. This includes workstations for security, information systems, and elections staff, as well as management.

In 2016 we successfully blocked attempted cyber-attacks by the Russian Government. Today, our systems are much more robust. We will continue our efforts to secure our election and other systems and implement best practices as we continue forward in this battle.

​​ ​​​​​​​

Oregon Vote Tally Machine Systems

Vote tally machine systems in Oregon counties

Life of an Oregon Ballot Video

Ballot sorter being run by a county employee  
Wondering how your ballot gets counted?