Stung by Russian hackers intent on swaying the 2016 presidential election, the Democratic National Committee (DNC) has put considerable resources into shoring up cybersecurity and on Friday releases a checklistmeant to secure campaign and candidate devices.
“The checklist is exactly that: a list of steps you can complete and then check off,” DNC CSO Bob Lord said in a blog post. “The goal is to print it out, and run through it line by line.”
The guidance covers encryption, passwords, PINs, two-factor authentication, email safeguards and the importance of security updates. “If you are working in a political party or on a campaign, and you have a personal Gmail account, please enroll in Google’s Advanced Protection program,” the DNC advised, explaining the program “uses a physical key to log you into your Gmail account, and dramatically reduces the risk of getting phished.”
The advisory touches on other protections beyond the checklist, such as Facebook privacy settings,secure chat, setting up security questions and reducing the attack surface by using a Chromebook or iPad.