Political IT Security balances on human error
CEDAR RAPIDS, Iowa (CBS2/FOX28) — Hackers have already disrupted the Democratic Party after releasing many damaging emails from the Democratic National Committee. They were embarrassing for party leaders and will likely result in at least the party chair stepping down this week.
But IT security for political groups and organizations at many different levels often balances on human error.
Running a campaign is a lot like a small business. There’s plenty of things to spend money on. With so much technology all around us, it’s often not an area where campaigns spend a lot of extra resources.
Physical protection is generally something we think politicians and their Secret Service Agents get right, especially at the highest levels.
Online, IowaCityTechnologyServices.com Director Greg Johnson says even they fall short.
“There are just so many points of failure,” said Johnson.
CBS2/FOX28 spoke to local campaigns and elected officials from both major political parties about their IT security. They say, generally, campaign staff email is handled through services like Google’s Gmail and some additional security options within those programs. Rarely will even the most Congressional races have a dedicated IT team to keep it safe.
“Just using Google, or some similar service, steps it up a bit, but it’s not entirely secure,” said Johnson.
Once a candidate is elected to Congress, their staff is brought on to Federal Government systems. That’s usually a step above most security, but Greg says it still doesn’t solve human carelessness.
“All it takes is for one person to lose their computer or have one person get their password and suddenly, that person has access to all those emails that somebody was copied on, or anything they’ve ever sent or received,” said Johnson. “It would be a huge collection of emails just from one account getting breached.”
Greg says there is encryption software that would make sure emails and information is locked and can only be accessed by someone with the right password. He says that can be free, or be as expensive at $175.
