68 IAC 25-5-6 - Internal controls
Authority: IC 4-33-4; IC 4-35-4
Affected: IC 4-33; IC 4-35
Sec. 6.
The casino licensee must submit internal controls for the following:
(1) Access privileges to
the LMGS that includes, but is not limited to the following:
(A) Access to a component of the LMGS shall
be configured to prevent the transfer of personally identifiable information
outside of the casino.
(B) Access
shall be continuously monitored by the casino licensee.
(2) Subsequent to an authorized use by a
licensed supplier, the account shall be returned to a disabled state on all
operating systems, databases, network devices, and applications until needed by
such licensed supplier and approved by the executive director or the executive
director's designee.
(3) Remote
access to the LMGS and its components for purposes of licensed supplier support
must include the following:
(A) The method
and procedures used to gain access remotely, including the use of passwords and
other logical controls, and commission staff observation.
(B) The procedures to be used by the IT
department to further control and monitor access and to ensure that licensed
suppliers have only the limited access needed to perform authorized support and
update functions.
Notes
State regulations are updated quarterly; we currently have two versions available. Below is a comparison between our most recent version and the prior quarterly release. More comparison features will be added as we have more versions to compare.
No prior version found.