After an unintentional leak of voting equipment passwords on its website, the Colorado Department of State received a sobering review from Baird Quinn, LLC, the independent investigators engaged to unearth how the sensitive data ended up in the public eye and to stop such a breach from happening again. The report, accessible through a link provided by the Department of State, found that a series of undesigned mishaps culminated in the exposure of BIOS passwords, affirming the act was accidental and emphasizing that the Department generally maintained apt measures to safeguard state information.
In para about the investigation it determined the slip was owed to a failure to properly examine documents earmarked for the website, ensuring they were clear of confidential information, such a lack of vigilance strikes as a stark reminder of the perpetual war between data security protocols and human error. Baird Quinn didn't just diagnose the problem but also delivered a suite of seven recommendations for the Department to enact, which includes establishing clearer policies around password storage, enhancing software training, revising existing acceptable use policies, and mandating annual AUP reviews by employees, it underscores an earnest attempt to fortify the bulwarks against human mishaps.
Secretary of State Griswold acknowledged the oversight and assured that all the recommended measures would be adopted promptly, "The Department of State thanks Baird Quinn for their thorough review of this matter. We are committed to implementing their recommendations to ensure a situation like this never occurs again," they said, as per Colorado Department of State. Alongside these reforms, the Department emphasized Colorado's election integrity, citing "multiple layers of physical and network security measures" that protect the state's elections, insulating the recent General Election from slip-ups.
