Secure networks mean safer services and greater trust for everyone who relies on you. Improving your network security doesn’t have to be expensive or complicated, though some of it is technical, and not all of it will be plain language. That’s exactly why joining forces with your IT support early makes a difference. They can help translate, prioritize, and ensure your security expectations are actually met. Together, you can protect the data your community depends on.
Consider starting with these steps:
Step 1: Begin with the non-negotiables.
- Inventory your assets, such as all devices and software, to understand what needs protection. You cannot protect what you don’t know you have. Taking inventory will assist in prioritizing the systems and data that are the most important to secure.
- Backup data regularly. Perform regular, automatic, and offline backups that can be obtained and restored on another server or network if you lose access to your systems. This is crucial; never underestimate the relief that multiple backup types can provide.
- Test restoring backup data. A backup that hasn’t been tested is just a theory. Regularly verify that you can restore your files.
Step 2: Eliminate what you don’t need.
- Remove unused accounts and devices from your network. Expired or inactive accounts can be exploited by attackers. Regularly audit and remove unneeded accounts, devices, and permissions. See guidance on managing inactive accounts from the NIST cybersecurity framework.
- Disable unnecessary services. Turn off unused features and services in systems, workstations, and devices to reduce potential entry points for hackers. Work with your IT support on this to understand dependencies and ensure that disabling a service doesn’t break critical applications. Note that major software updates can quietly re-enable services, so check back periodically.
Step 3: Harden the perimeter.
- Use a .gov domain for your website and/or email accounts. A .gov domain reduces impersonation risk and comes with built‑in security protections like anti‑spoofing and stronger email authentication. It also provides confidence to those searching for your website by ensuring they are on an official site. Get your free .gov domain from CISA.
- Use firewalls and VPNs. Utilize robust and built-in operating system firewalls to block external threats. Consider implementing a VPN for remote work to establish a secure, encrypted tunnel between your remote device and your organization’s network. That will protect sensitive data from cyber threats and ensure safe access to internal systems.
- Block dangerous websites automatically – Enroll in Malicious Domain Blocking & Reporting (MDBR). MDBR automatically blocks known malicious websites before staff can access them. If you are an MS-ISAC member, you may want to go to the CIS website for details.
We’re here to help. If you don’t have an IT administrator or you’d like additional insight, contact our experts at the Election Security Exchange for help understanding this general network security guidance.
The Planning Desk is a running timeline of key election security tasks. You can find prior editions in the newsletter archive.