GLI-19: - Gaming Laboratories International
GLI-19: - Gaming Laboratories International
GLI-19: - Gaming Laboratories International
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>GLI</strong> Standard #<strong>19</strong> – Standards for Interactive <strong>Gaming</strong> Systems (Suppliers) Version 1.0<br />
Final<br />
taken.<br />
e) All reasonable precautions must be taken to ensure that no data kept on the <strong>Gaming</strong><br />
Platform or transferred by it can be infected with a virus program, Trojan Horse, worm,<br />
or other malware.<br />
7.3.4 Network Security Management.<br />
a) Networks shall be adequately managed and controlled, in order to be protected from<br />
threats, and to maintain security for the systems and applications using the network,<br />
including information in transit.<br />
b) Security features, service levels, and management requirements of all network services<br />
shall be identified and included in any network services agreement, whether these<br />
services are provided in-house or outsourced.<br />
7.3.5 Network Access Controls.<br />
a) An access control policy shall be established, documented, and reviewed based on<br />
business and security requirements for access.<br />
b) A formal user registration and de-registration procedure must be in place for granting and<br />
revoking access to all information systems and services.<br />
c) The allocation of user privileges shall be restricted and controlled based on business<br />
requirements.<br />
d) Management shall review users’ access rights at regular intervals using a formal process.<br />
e) Users shall only be provided with access to the services that they have been specifically<br />
authorized to use.<br />
f) Passwords must be controlled through a formal management process.<br />
g) The selection of passwords must follow good security practices.<br />
h) Unattended equipment shall have appropriate protection and automatically log the user<br />
out after a pre-determined interval.<br />
i) Appropriate authentication methods shall be used to control access by remote users.<br />
j) Automatic equipment identification shall be considered as a means to authenticate<br />
connections from specific locations and equipment.<br />
Chapter Seven: Information Systems Security (ISS) Requirements Page 55<br />
Copyright © 2011 <strong>Gaming</strong> <strong>Laboratories</strong> <strong>International</strong>, LLC<br />
All Rights Reserved.