I've worked in IT for a few decades. The 2020 election is fraudulent. No one explained the core of the fraud, the configuration of the servers. I'm talking best practices
USB ports are disabled on every server and on many workstations to protect data and prevent intrusions.
Logs are reports of events on server functionality visible on screen or in print. Levels of users are defined w/ permissions. Administrators have full control over the server and software. They can read, edit, and write code or change internal server settings.
Next, there are Power Users. A Power User can't install new software. Others can read but can’t change anything. Access is severely limited. If the server is configured correctly their NAMES are visible.
Login are multifactor. Logs also show any intrusion attempts and can show the IP address (unique set of numbers identifying every computer) if the server is configured to do this. You can backtrack using the IP to identify the location of intruder.
Logs show backup schedules and data loss. Given the sensitivity of the data, assume a full backup. A couple of ways to do this. Another identical server, or the Cloud or RAID – Random Array of Inexpensive Disks. RAID disks located in the server itself capture pieces