S.D. Admin. R. 5:04:06:10

Current through Register Vol. 51, page 67, December 16, 2024
Section 5:04:06:10 - Voter Registration File Security

At a minimum, the computerized voter registration file must implement the following:

1. A stateful layer 3, and 7 firewall at the perimeter in order to block malicious traffic from known and unknown adversarial actors along with experienced personnel to operate and maintain the rules and underlying software and firmware on which the firewall system operates.
2. Anti-malware solutions that ensure the underlying operating system(s) maintains its intended function, integrity, and exclusive ownership of the governing maintaining body.
3. Software vulnerability analysis pre- deployment to production environments. Underlying code, libraries and included packages require continuous evaluation throughout the software development lifecycle through automated trusted tools to ensure erroneous code, unauthenticated access or potential privilege escalation vehicles shall not be introduced.
4. Trusted White hat vulnerability analysis for protected systems to evaluate, identify and document risks within the application which are then provided to development and management personnel to appropriately mitigate any potential findings on a scheduled and reoccurring basis.
5. Personnel background checks for those with access to restricted systems within the application development lifecycle ensure that only benevolent, patriots dedicated to a secure election process, act in good faith to deliver quality, well-guarded code and application infrastructure.

S.D. Admin. R. 5:04:06:10

50 SDR 012, effective 8/8/2023

General Authority: SDCL 12-1-9(1) Law Implemented: SDCL 12-4-37