Election Security Spotlight – What Are Endpoints?

As we begin the new year, take a minute to assess your cybersecurity readiness for the 2022 elections. A quick and easy way to strengthen your security posture is to add endpoint detection and response (EDR) to your network. The EI-ISAC is offering a federally funded EDR program, so there’s no cost for election offices!

What Are Endpoints?

Endpoints are devices on a network, such as laptops, desktops, mobile phones, tablets, and servers. Endpoints serve as potential access points to a network. If a device has connectivity and can send/receive information, it is considered an endpoint. Networks typically have multiple endpoints ranging in size and function. Many of the endpoints on a network fall into the “Internet of Things” category (“smart” products, fitness trackers, etc.). Endpoints can consist of voter registration database servers, election management systems, and election night reporting servers. Some networks are designed to allow thousands of devices to connect, while others limit who and what can connect to protect information.

Why You Should Secure Endpoints

All endpoints represent a potential threat to a network. A failure to update endpoints and patch against known vulnerabilities, lack of an asset inventory, and management of security devices are risk factors that could result in a compromise. Unsecured devices on a network allow attackers easy access to a network and the stored information. Additionally, an attacker could infect an endpoint and use it as part of a botnet to launch attacks on other entities.
With the myriad of devices that can be endpoints today, and the number of new network-connected devices rising, it is critical to keep track of these devices and understand how to secure them against threats. This knowledge will help you manage who has access to your network and help develop a plan for tackling vulnerabilities in these devices. Some devices may not update as frequently or require a specific procedure to install security updates. Understanding how to patch each system, and having a plan is critical in lowering your risk profile.

What Should You Do?

  • Ask your county or state IT if endpoint security protects your office.

  • If you are not covered by an endpoint solution, sign up for EI-ISAC’s Endpoint Detection and Response (EDR) service. EDR is deployed on endpoints, continuously monitors them for threats, and can help with asset management.

  • Work with your IT department to perform an inventory of all devices connected to a network.

    • CIS Control 1 recommends keeping an inventory that allows you to have a complete picture of all devices connected to a network and “will also support identifying unauthorized and unmanaged assets to remove or remediate.”

  • Instruct your IT department to develop a patch management plan to ensure all devices are routinely updated and patched against vulnerabilities.

  • Ensure all endpoints are covered under a network security system.