Skip to content

Printing System

Ballot on Demand®

The portable Ballot on Demand printing system consolidates commercially available printing components with ES&S’ dedicated software and hardware modifications for use in both batch printing of mail-in ballots and individual ballots for early, in-person voting.

Security features:

  • Physical and System Access Controls
  • Audit Logs
  • Encryption, Hash Validation and Digital Signature
  • System Application Controls

Product features:

Security facts:

Physical and System Access Controls

The Ballot on Demand laptop and printer are secured in a lockable case and the laptop is secured with a pressure-sensitive, tamper-evident seal. These physical locks and seals are a first line of defense and minimize the effect of any unauthorized access.

The operating software provides security access controls to limit and detect access to critical system components, guarding against system integrity loss and availability. Access codes are required for system access during equipment preparation, testing and operation. These safeguards cannot be bypassed or deactivated during system installation or operation, maintaining the integrity of the election data and audit record.

Two levels of password protection for the BOD laptop exist: Microsoft Windows login and BOD print service login. Should unauthorized data somehow be introduced into the system, a user would not be able to associate this data or edit the pre-defined job without logging in as an administrator.

Audit Logs

The BOD Print Service software generates an audit log of all system activities, including system access by administrators. Once an operator is logged into the system, the BOD will report on all printing activity by that operator. The audit log is timestamped and each individual activity is identified by the administrator login name.

Encryption, Hash Validation and Digital Signatures

All ballot PDFs stored on the system for printing are encrypted and can only be printed via the BOD software on the BOD printer. Should unauthorized data somehow be introduced into the system, a user would not be able to associate this data or edit the pre-defined job without logging in as an administrator.

System Application Controls

The BOD laptop and printer are hardened devices, including only the services, applications, utilities and settings required to successfully operate the Print Service program and print Ballots. System functions for both devices are only executable during election events, in the manner and order intended by election officials performing their duties.

Need more information?

That’s why we’re here. The dedicated ES&S representative for your state can help you determine the best solutions for your jurisdiction.