Core Infrastructure & Data Protection
Our Infrastructure is hardened via AWS WAF and Shield to mitigate Layer 7 and DDoS attacks, Ensuring 99.9% uptime during high-traffic election windows.
eBallot follows a strict Data Minimization policy. Customer data is encrypted at rest using AES-256 and is purged following the retention period .
We provide a trustworthy ecosystem through End-to-End Verifiability (E2E-V) and rigorous third-party validation. Our E2E-V protocols use verifiable methods that enable each ballot to be independently confirmed as cast, recorded, and tallied as intended, providing transparency and strong assurance that the final results accurately reflect the votes submitted.
Security Quick-Specs:
Encryption: AES-256 (At-Rest), TLS 1.3 (In-Transit).
Auditability: Immutable Administrator Fingerprint Reports & Voter Audit Logs.
Infrastructure: 100% US-Based AWS Data Centers (East/West Redundancy).
Identity: Support for SSO (SAML 2.0) and Multi-Factor Authentication (MFA).
Legal: Compliant with LMRDA (Labor), GDPR (Privacy), & Section 508 (Accessibility).
Third party Audit: Halo Securities Firewall monitoring
Penetration Testing: Regular third-party penetration testing to identify and remediate potential vulnerabilities before they can be exploited.
Additional Security Items
Disaster Recovery
Our recovery procedures ensure that your data is accessible, even in the event of a disaster.
Custom Data Setups
We're happy to work with clients on an individual basis to meet your data backup requirements. For more information about our standard and custom data setups, contact us.c
GDPR Compliance (European Union)
As a data processor, we follow standard GDPR rules & regulations, as mandated by the EU, on how to handle data originating from the EU.
Specifically, we adhere to the Privacy Shield Principles that apply to Swiss and EU resident data.
For more details visit Section 19 of our Terms of Use, Section 3 of our Privacy Policy, or contact us.
