Security Compliance Auditing & Vulnerability Analysis

Gaming is a highly regulated industry with regulators in each gaming jurisdiction establishing technical standards for the offering of fair, secure, and auditable gaming operations within their jurisdiction.

Early regulatory regimes for online gambling realized that information security would be a significant factor that would need to be considered, and as a result, many iGaming technical standards have included security elements. These extend to both the technical requirements of the gaming systems themselves and the internal controls needed to manage the gambling operations offered through the online gambling systems. In some cases, the security audit needs to be performed prior to deployment. In other cases, an annual security audit is required such as in New Jersey (DGE), Denmark (DGA), and the UK (UKGC).

Security Auditing

The only way to ensure the correct functioning of an information-security framework is to test it. Depending on the business requirements of the organization, testing can take several forms ranging from an assessment of an information-security framework element’s effectiveness to a complete compliance audit of the information-security system to achieve certification of the system.

Vulnerability Analysis

GLI’s Information System Security Audits will evaluate how the information-system security of your organization is implemented against a particular standard. The goal of the audit is to provide a determination of compliance. Compliance with a third-party standard may result in certification or accreditation to that standard. During an audit, any areas of non-compliance with the standard are brought to your attention in the form of non-conformance reports which are typically addressed before a system is deemed compliant.

GLI performs both remote and physical/on-site evaluation of the live dealer studio itself. GLI’s testing on-site normally includes (but is not necessarily limited to) the following elements:

Penetration Testing
Network Vulnerability Scan
Vulnerability, Threat, and Risk Assessment
Technical Controls Audit
Physical & Environmental Controls Security Audit
Personnel Security Audit
PCI Qualified Security Audit
PCI Approved Scanning Vendor Scan
Disaster Recovery Audit
Continuity of Operations Audit
Incident Management Audit
Internal Infrastructure Testing
External Infrastructure Testing
Cloud Computing Security Audit
Application Security Testing
Security Source Code Review
Social Engineering Audit
ISO 27001 Audit

For the greatest peace of mind that your iGaming system and operation is secure, contact GLI today.