Keeping your vote safe and secure: a story from inside the 2020 election

In many cases, the front line of defense against state-sponsored hacking and highly organized cybercrime is a local government official operating under extreme pressure. Identifying these officials and related customers was a priority. It would allow threat-hunting teams to better monitor for actors specifically targeting election infrastructure.

Many election-related activities are built on Azure, Microsoft's cloud platform that, among other things, hosts critical activities, including voter registration portals. Being an Azure customer requires no formal relationship or contact with Microsoft, which meant important election-related Azure customers were effectively anonymous.

The discovery process involved teams within the company pooling their knowledge and contacts. It also meant calling upon relationships with external bodies like CISA to put the call out to the elections community across the U.S.

Another route to identifying relevant customers was through Microsoft's extensive partner network. One example is BPro - an elections software and services business, which deals with voter registration, election management, information portals, campaign finance solutions and election reporting systems for states and counties, that runs on Azure.

That's a long reach for a business of that size, putting BPro in a position of great responsibility. Ensuring the safety and security of customer systems during a time of unprecedented importance is no small undertaking.

'At a moment's notice, during the election, just having Microsoft on the phone, helping us address any issues that come up is something that gives our customers peace of mind,' says George Munro, Government Outreach Director at BPro. 'They know it's not just these folks from South Dakota who are working on the issue, it's those folks as well.'

In total, the elections team identified more than 2,000 Azure customers that were running election-related workloads on their systems, several which were then given a detailed security and resiliency audit by Microsoft. The audits generated reports outlining recommendations to boost performance in those two key areas.

Karen Intrachat, a Principal Program Manager within the Azure Customer Experience Team (Azure CXP), explains, 'In our resiliency reviews, we might discover a customer is running their election reporting application on a single server,' she says.