PCI Security Standards Compliance
The Payment Card Industry Data Security Standard (PCI DSS) is a comprehensive security standard that acts as a set of guidelines for merchants to ensure the protection of their customer’s sensitive card data. PCI DSS is equally helpful to ensure that other sensitive data, such as votes, are protected. Simply Voting’s servers are subjected to intense daily PCI Compliance scans by Trust Guard, which checks for over 66,956 vulnerabilities or security holes that hackers might use to compromise the voting website.
Simply Voting is committed to supporting electors with disabilities and making sure the ballot works with assistive technologies. Voting websites are audited against Section 508 and WCAG-2 accessibility requirements, and are assigned an “A” grade by the Bureau of Internet Accessibility which conducts comprehensive audits of our voting interface.
Skyhigh Enterprise-Ready Rating
Simply Voting received the highest CloudTrust Rating from Skyhigh Networks. Skyhigh performs objective and thorough evaluations of cloud services based on a detailed set of criteria developed in conjunction with the Cloud Security Alliance (CSA). Services designated as Skyhigh Enterprise-Ready fully satisfy the most stringent requirements for data protection, identity verification, service security, business practices, and legal protection.
SSAE 16 Certification
Simply Voting is SSAE 16 SOC 1 Type I certified. The SSAE 16 (formerly known as SAS 70) is a widely recognized auditing standard issued by the American Institute of Certified Public Accountants (AICPA). An auditor’s report details a service provider’s ability to offer adequate controls and safeguards when they host or process data belonging to their customers. The audit focuses heavily in the areas of compliance, security and access. It addresses important topics such as backup and recovery, computer operations, and human resources.
Our data center, RackForce, is similarly SSAE 16 SOC 1 Type II certified. Both Simply Voting and RackForce are also CSAE 3416 and ISAE 3402 certified; these are the Canadian and international equivalents to the SSAE 16. These certifications are an independent validation of the quality, integrity and reliability of Simply Voting’s infrastructure and services.
Simply Voting is insured with the Berkley Insurance Company. We maintain a $2,000,000 General Business insurance policy as well as a $2,000,000 Cyber Liability insurance policy which covers Errors & Omissions and Network Security & Privacy Breach. This helps protect your organization and your voters.