How we secure Arizona's elections

  1. System Access

    Only authorized state and county elections officials have access to the Arizona Voter Information Database (AVID), and all authorized users are required to log in using multifactor authentication.

  2. Environment and Hosting

    The Azure Government Cloud offers Distributed Denial of Service (DDoS) protection with Always-On Traffic Monitoring and Real Time threat mitigation. All of AVID is monitored using advanced security threat detection that protects against SQL injections, unusual location access, and brute force attacks. Further, data is protected in transit using TLS encryption as well as being encrypted when the data is at rest.

  3. Logging and Monitoring of All Database Traffic

    Any modification to a Voter record in AVID is logged for auditing purposes.

  4. Disaster Prevention and Recovery

    Security scans of all system assets are performed on a routine basis to ensure any potential vulnerabilities are identified. Data backups occur on a per minute basis and are stored for a set amount of time along with regular weekly and monthly backups which are stored for longer periods.

  5. Adherence to Industry Standards

    AVID was designed to meet the National Institute of Standards and Technology security controls and associated assessment procedures defined in NIST SP 800-53 Revision 4 Recommended Security Controls for Federal Information Systems and Organizations.

  6. Security Awareness Training for County Users

    County users receive security awareness training through the Secretary of State's overall election security training exercises and monthly meetings.

  1. AZSOS Websites

    Our websites are behind web application firewalls, which protect us from DDoS and other attacks. We use secure coding techniques and host most of our election-related web content in the cloud to further boost redundancy and availability.

  2. AZSOS Office Networks

    We use industry standard technology to secure our networks, and our security is continually assessed and enhanced with help from the Arizona Department of Administration, the U.S. Department of Homeland Security, and private sector security companies. Our staff is well-trained in cybersecurity awareness and phishing email detection.

Uniformed and Overseas Citizens can transmit their Federal Post Card Applications (FPCA) and Federal Write-In Absentee Ballots (FWAB) to the County Recorders using a secure portal. The login portal is protected from DDoS attacks to ensure availability, and all information transmitted through the portal is encrypted through SSL/TLS.

  1. Decentralization = No Single Point of Access

    Elections in the United States are conducted independently across thousands of local jurisdictions. This means there is no single point of access. In Arizona, elections are conducted independently by each of our 15 counties and overseen by the Secretary of State.

  2. Certification Requirements

    All equipment used in Arizona must be certified by both the US Election Assistance Commission (EAC) and the Secretary of State's Equipment Certification Advisory Committee to ensure that it meets both federal and state-specific requirements.

  3. Logic and Accuracy Testing

    Before voting starts, county election officials conduct logic and accuracy testing on each piece of voting equipment to make sure that ballots will be marked and counted correctly. In addition, the Secretary of State's Office also performs a logic and accuracy test of a sample of voting and tabulation equipment at each county before each election.

  4. Paper Ballots

    In Arizona, no matter how one votes, there will be a piece of paper to visually verify holds the correct vote.

  5. Isolated Election Systems

    In Arizona, election systems (computerized systems that program elections and count votes) are air-gapped, meaning that they are never connected to the internet or office networks.

  6. Contingency Planning

    If something happens on or near election day, county election officials have back-up plans in place to ensure eligible voters can still cast a ballot and that ballots can still be counted.

  7. Post-Election Hand-Count Audits

    County election officials, with participation from the political parties, perform a random, post-election audit on selected races to validate results.

  8. Cyber and Physical Fortification

    Federal Help America Vote Act grants are being used in Arizona to bolster county office network and website cybersecurity, as well as physical security improvements at county facilities. Arizona also provides the counties with free security awareness training and phishing testing services.

  1. Election Officer Certification

    Each election cycle, the Secretary of State's Office trains and prepares new election officers from around Arizona for their upcoming duties in a week-long certification program. Also, every previously certified election officer in Arizona is required to take a re-certification class each election cycle.

  2. Chain of Custody and Logging

    By law, election equipment and materials, like ballots, must always be protected, and all access to them must be logged. In many cases, two people must be present when equipment or materials are moved.

  3. Audit Procedures

    Many auditing procedures are used to make sure vote counts are accurate across the entire election process.

  4. Filing Election Programs with AZSOS

    The Secretary of State is a repository for the election system programming used by each county, which also serves as a backup in case of deletion or tampering elsewhere.

It is vitally important that we help candidates and other political entities to protect themselves. The Secretary of State's Office has produced a guide titled "Cybersecurity tips for candidates, parties, and PACs" that gives cybersecurity guidance specifically targeted for these entities.

  1. Tamper Evident Envelopes and Ballot Tracking

    In Arizona, counties utilize tamper evident envelopes for mailed ballots and voters can verify whether their mail ballot has been sent to them and whether it has been accepted by the county after it has been mailed back.

  2. Security of Ballot Drop-Off Locations and Drop-Boxes

    Ballot drop-off locations and drop-boxes must comply with security requirements and procedures outlined in the Elections Procedures Manual.

  3. Signature Verification

    Every ballot-by-mail is authenticated through a rigorous signature verification process conduct by trained election officials.

  4. Criminal Penalties for Misconduct

    Arizona law imposes severe criminal penalties for ballot tampering, vote buying, or discarding someone else's ballot.

  1. Building Strong Relationships

    Fostering trust, collaboration, and communication between the many stakeholders in Arizona's election community helps keep the voting jurisdictions within the state up-to-date, prepared, and cohesive. All 15 counties in Arizona are members of the Election Infrastructure Information Sharing and Analysis Center (EI-ISAC) and receive alerts, guidance, and security services from federal agencies.

  2. Security Training and Exercises

    The Secretary of State's Office provides cybersecurity and election security training for our county partners, and hosts election security preparedness exercises.

  3. Incident Response and Communications Plans

    The Secretary of State's Office has worked with representatives from the counties to draft an election incident response plan that can be implemented by every county.

  1. AZSOS Public Education Campaign

    Our largest threat to fair and secure elections today is "information operations", a term that means presenting misinformation about candidates, issues, election officials, or election processes in an attempt to influence election outcomes or public perception about the accuracy of elections themselves. We continue to invest time and resources to inform Arizonans to be aware of how to spot and report mis- and disinformation.

  2. Verified Social Media Accounts

    We verify our social media accounts, so when the bad actors start spreading misinformation using a copycat account, we can counter that with accurate information using our official account. We're also working with county election officials to verify their social media accounts.

  3. Social Media Response Plans

    The primary goals of a social media plan should be to distribute accessible, correct information, and at the same time challenge and correct misinformation. Having a direct line of communication with social media companies provides efficient processes for removing false or misleading information and replacing it with accurate information that can be amplified by trusted sources.

  4. Coordinating with Civic Engagement Organizations

    Civic engagement organizations often work directly with voters. Developing strong relationships with groups in the time leading up to an election is crucial to establishing credibility and communication.

  1. Update/Confirm Voter Registration Status

    Voters can verify the accuracy of their voter registration record and make any necessary updates by visiting www.arizona.vote and/or contacting the Secretary of State or their County Recorder.

  2. Understanding the Right to Vote

    The best response to attempts to disrupt our elections or spread misinformation that discourages voting is for voters to continue to register and exercise their right to vote. Voters have a right to a ballot, even if its provisional, have a right to vote if they are in line by the close of polls, and can request and receive assistance to support them in exercising their right to vote.

  3. Know Trusted Sources for Election Information

    It is important to always get information about when and how to vote from trusted sources.

  4. Being Ballot Aware

    Be aware of relevant laws related to returning of ballots, as well as deadlines for returning ballots by mail or dropping it off in-person.

  5. Beware of Sensationalist News Stories

    No matter the situation, beware of the headline that says, "Election Hacked!". Election-related systems are often incorrectly identified as an election system. Again, look to trusted sources of information for reliable news about elections.

_________

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.