About 10 years ago I wrote an article on the cyber-security of systems. This article was the direct result from a project I ran that made it possible to hold national elections via the Internet. One of the main findings in that project, and the subject of the article, was that traditional protection is simply not good enough if you need to secure something properly. It is sad to see that after all those years, not much has changed. Sorry, the article is in Dutch.
Most people and companies see their cyber-security as an M&M. A hard shiny shell on the outside and soft on the inside. They try and stop access to their network with firewalls and protect their data with userid and password. In other words, they make it hard to get in, (the hard shell) but once you are in, the data is yours (the soft inside).
To me this does not make sense. What you need is what I termed pervasive security. This means that security needs to be expressed in everything you can do on the system. Every process, every step in data handling, needs to be looked at not only from a processing viewpoint but from a security standpoint as well. If you go and update some data, the system must check if you are authorised to do so and if the system doing it is authorised. If you go and read data, the process that performs that action, needs to check if you are allowed to do it, and if the data is allowed to be read or changed. The data itself needs to contain information that allows the security system to check permissions, methods and what can be done with the data.
In the voting system and website, we had double checks for every action. Every step in the voting process was checked by the system itself and then double checked by a separate system. Both systems had to agree before the next step could be taken. This was not a big performance hit as the systems we running parallel.
The pervasive nature of the security was also present in the procedures outside the site. Each ballot design was vetted independently so that no vote could be manipulated by the way the choices were presented. Another example of rigorous security was the paper form that was used to apply for a voter registration card. This card also held the voters bio-metric information. (in this case fingerprints) Each form had a unique barcode number and could only be scanned once. This made it impossible to have 2 voter registration cards for the same person.
We also implemented a multi layered approach in the hardware and software used. For instance, we used different types of firewalls between the systems doing the double checking. The big advantage of having multiple systems controlling and checking each other is that when a hacker gets into the system, he needs to control more than one system to manipulate the data. That is a far more difficult thing to do.
In short, we had at least double layer security and quite often 4 layer security implemented throughout the system.
With the current sophistication of hacking attacks and the complex methods the hackers manage to develop to break into your system, anything less is not enough. A simple M&M, a hard shell with a password no longer forms a good defence against hackers. The soft centre is there to be devoured.
During the development of the Protexit platform we, of course, took this into account. It also features a multi layered approach, different types of data are stored on separate machines and we use a multi layered encryption process. I don’t pretend that we are hack proof, nobody is. But all I need to do is make it as hard as possible and hope they go look for an easier Target, pun intended.