Election Commission has come out with a first-of-its-kind initiative to protect the voters' registration database.
With reports of allegations and fears of cyber-meddling in elections abroad, the Election Commission has come out with a first-of-its-kind initiative to protect the voters’ registration database as well as office networks from unauthorised influence during the general elections in 2019. Among the number of initiatives taken by the commission include a chief information security officer in the national capital and a cybersecurity nodal officer in every state; regulations on cybersecurity for the Commission; organising workshops to train officers in cyber hygiene; third-party security audit of election-related applications and websites; and a suggestion to consider polls as ‘critical information’ under the IT Act, 2000.
These are among some of the key steps taken by the apex poll body in the course of the last nine months to secure elections from cyber threats, The Indian Express has learned.
While the commission is confident that electronic voting machines (EVMs) and voter-verifiable paper audit trail machines (VVPATs) cannot be hacked, as these stand-alone units not connected to any network, the dependence on digital technology and the internet for voter registration, electoral roll management, and result dissemination, among others, calls for further safeguards, a source told the paper.
Key measures taken by the commission
* The EC’s “Cyber Security Regulations” (CSR), which was launched in March, is a guide for its officers on how to behave online. These regulations have been introduced to prevent “unauthorised access, disclosure, duplication, modification, diversion, destruction, loss misuse or theft of protection information”.
* Last year in December, the poll body appointed a chief information security officer (CISO) at its headquarters as also cybersecurity nodal officer (CSNO) in every state in the country to implement regulations and also to coordinate cybersecurity between the commission and Chief electoral officers (CEOs) in the state.
* The commission has conducted three regional workshops (north, south and central India) for poll officers since June.
* Election Commission has also made mandatory for annual thirds party audit of poll-related websites and applications in all states.
* The commission’s main website and six other websites related to websites are linked with secure socket layer or SSL, which is a standard security protocol in order to keep an internet connection secure by encrypting any crucial information sent between one’s browser and the website.
The report added that election-bound Rajasthan, Madhya Pradesh, Mizoram and Chhattisgarh have introduced security audit of their websites, SSL implementation as also signed non-disclosure pacts with agencies providing services and also came out with a disaster recovery plan if their websites and applications are crashed.