Grand Lake Casino streamlines compliance reporting and mitigates the risk of privilege abuse
Challenge
- Meet strict regulatory requirements
Grand Lake Casino is subject to several regulations, including PCI DSS and MICS (Minimum Internal Control Standards, enforced by the National Indian Gaming Commission). However, auditing through Microsoft Event Viewer was tedious and failed to provide sufficient detail to satisfy audit requests. - Mitigate risks of insider and privileged user activity
The IT manager was concerned about unauthorized insider actions and privilege abuse by third-party contractors and internal IT members. With limited visibility into user activities across the environment, he could not detect or respond to incidents in a timely manner. - Strengthen control over sensitive data
Because the casino stores large volumes of sensitive data, maintaining control over file servers was a top priority. The IT manager needed visibility into how employees handled sensitive information to detect issues before they could lead to security incidents or compliance violations.
In the gambling industry, the main challenge for the IT team is the high level of regulation. Netwrix Auditor is a great solution for this challenge because it makes us way more efficient in assembling information for audit reports and making sure we operate in compliance with all the regulations.
Ryan Allington, IT Manager, Grand Lake Casino
Netwrix solution
A coworker recommended Netwrix Auditor to Ryan Allington, IT Manager at Grand Lake Casino. During the trial, he was impressed by the straightforward structure of the predefined compliance reports and the flexible alerts, both of which provided him with virtually all the information he needed. Since then, his team has been able to achieve the following results:
- Easier compliance reporting. Netwrix Auditor dramatically simplifies the annual and monthly compliance reporting process at the casino. The predefined reports are clear and provide all the data that auditors usually request, from changes to sensitive folders and security group membership to successful and failed logons to core systems. The software saves Ryan hours every month, enabling him to focus on more strategic tasks.
- Accountability of privileged users. Now Ryan can closely watch the activity of privileged users, including those from the casino’s third-party accounting firm. In particular, he can track the creation and deletion of privileged accounts in Active Directory, get alerts on privilege elevations, and monitor third-party activity with video recordings. These detailed insights help Ryan mitigate the risk of both human errors and insider threats.
- Control over sensitive data. With the detailed information that Ryan and his team get about changes to files, folders and permissions, they can promptly detect activity that might threaten the security of sensitive data. Moreover, common user issues that used to take an hour to investigate can be resolved in minutes. For example, if an employee cannot find a needed file, instead of painstakingly searching through all the folders, Ryan can simply use Netwrix Auditor to see immediately what happened to the file and fix the problem.
Minutes
To provide monthly and annual audit reports
Before Netwrix Auditor, I had to spend quite a bit of time configuring the Event Viewer and making sure it captured all the events. Now I can focus on more strategic tasks like optimizing processes and collaborating with other departments on their IT projects.
Ryan Allington, IT Manager, Grand Lake Casino
Key benefits
- Easier compliance reporting
- Quick detection of privilege abuse and insider threat
- Improved security of sensitive data
- Faster incident investigations
Grand Lake Casino in Grove, Oklahoma, U.S., offers 45,000 square feet of gaming and live entertainment, such as slot machines, table games, live music, restaurants and more.
Share on
