IT takes a village…
Casino irons out issues with its hybrid information technology/cybersecurity network with advice and products from regulators and gaming industry sources
BY HILARY FARLEY, PRAIRIE FLOWER CASINO
In the spring of 2018, I received a call from the chairman of the Ponca Tribe of Nebraska to attend a meeting about the tribe’s new casino opening in Carter Lake, Iowa.
Although I had worked for the tribe in various IT capacities for almost a decade—and was, at that moment, wrapping up an electronic health record conversion for two of the tribe’s healthcare facilities—I had never worked in the gaming industry. Given what I understood about the regulatory realities, particularly as they relate to IT and cybersecurity, I proceeded with some degree of caution. For example, I knew that a single incident of unauthorized access to a casino’s network could result in a $30,000 penalty. That’s the type of information that keeps IT administrators up at night.
I felt the tribal council had the right business approach to opening the casino. The focus would be to provide the best possible customer experience for guests. The casino would build its reputation through customer loyalty and referrals rather than attempting to provide facilities flashier than they needed to be. It is worth noting that the Ponca Tribe has a natural conservative approach to all of its businesses. In IT terms, I knew there would be strict budget realities until there was a cash flow to support investments.
Two critical questions that consumed my thought processes were how were we going to stand up and manage a sophisticated and secure network with minimal costs and staff and how were we going to meet tribal and federal regulatory requirements with minimal staff and a restrictive budget. My immediate solution was to make many phone calls to vendors and consultants I trusted to steer me in the right direction. They proved to be invaluable.
Creating a working plan with the expediential number of variables was a huge challenge in itself. We had to balance what services we had to deliver on day one, while at the same time predicting what our needs might be two or three years down the road to ensure the investment made upfront would scale as our requirements grew. And while every business today is concerned with cybersecurity, this issue is front and center with the casino industry for obvious reasons. Not meeting regulatory requirements, such as unauthorized access, ups the ante for everything we did. Without question, cybersecurity was our most serious concern.
Setting up the casino’s IT infrastructure took careful planning to ensure all the functionality we needed while also addressing system redundancy and component integration. We obviously had to create all the back-office requirements such as e-mail and Office 365, but also the specialty finance, point-of-sale (POS) and player tracking systems that are unique to the casino industry. The centerpiece of our cybersecurity strategy was to leverage a sophisticated firewall system that the tribe had invested in several years before for other businesses. The firewall has all the latest security agents, intrusion detection, e-mail and login encryption, and multi-factor authentication capabilities we needed to comply with casino regulations, while also providing the appropriate levels of protection against criminal acts, such as the use of ransomware and malware.
Once we began setting up systems behind the firewall, the next problem was how to deal with the issue of providing secure remote access for external vendors. These companies would be responsible for maintaining the new systems and would need daily network access through the firewall for monitoring and troubleshooting. And while I had relied on virtual private networks (VPNs) for many years, I immediately understood the heavy burden associated with setting up regular sessions for the many third-party vendors we would come to rely on. We would also need to compile the required user log data and put those into the required reporting format for regulators. I certainly had doubts that working on my own, or even with a small staff, would stretch what we could reasonably provide.
Following months of configuring systems, testing, and retesting, the Prairie Flower Casino Phase I celebrated its grand opening on November 1, 2018 with 200 gaming machines (no tables, initially) and 120 employees. That meant the casino’s entire network was built from scratch in less than four months.
Almost immediately, my fears about how to work with all of our third-party vendors came true.
We struggled in the early days with setting up the many VPN sessions for our vendors and then tracking the credentials we were handing out through our active directory. We also needed to understand what actions the vendors took while logged in. I was constantly worried that a vendor would accidently change a system or server setting, however unintentional, and cause a serious enough issue to take our network down.
From the system administration side, we had the time-consuming challenge of setting up each session, which could take as long as 20-30 minutes, along with considering access requests that happened outside of normal working hours. We were also manually tracking vendor access on Excel spreadsheets and implemented a sort of “honesty system” that governed what parts of the system the vendors would access. In return, we asked for basic reporting from the vendors on what they had done during any individual session. The inefficiency from a manpower perspective, potential for inaccurate reporting from vendors and the inherent security exposure meant our process was not sustainable.
PRESENTING A SOLUTION
It was actually VGT, our gaming machine vendor, which finally came up with a great suggestion, following some late night requests for access that took more time than necessary to arrange.
They suggested we speak with a company called SecureLink, a technology company in Texas that specializes in managing third-party vendor access and had significant experience in the gaming space. For VGT, the biggest advantage would be 24-hour access on their schedule and not having to wait for me or a member of my team to set up a temporary VPN each time access was needed. It also recorded all sessions, so administrators can easily view the actions a vendor had taken down to a granular level.
Although I wasn’t familiar with SecureLink, it ended up fitting our needs perfectly and we quickly contracted with the company to provide their technology platform and workflow consulting. SecureLink’s philosophy is “don’t let things touch” and in this regard, its platform is segregated from our network and provides a streamlined method for providing secure remote access for our vendor partners on a 24/7 basis.
Right up front, the benefit of not handing out our network password is a huge benefit, alleviating the need to track users in our own directory. Another benefit is that it can be configured to grant remote access to only the system assets that a particular vendor is responsible for managing, not universal system access across our network. That means the chance that vendors would inadvertently cause an unintentional error with catastrophic consequences is greatly reduced, creating much more restful nighttime sleep for me and my team.
SecureLink has become a central part of our security protocol. Aside from the actual security benefits provided, the technology includes auditing and reporting capabilities to help us meet our regulatory requirements—no more Excel spreadsheets. And the fact that I can access the platform and see at a glance who last accessed our network and for what reason means that I have more confidence in allowing access. The casino has now even standardized on SecureLink as its sole remote access technology, even for internal executive and manager remote access that previously relied on VPNs. The efficiency that the platform gives us also means I don’t have to hire an additional full-time employee to manage vendor remote access, something we had considered at one point. In that regard, it paid for itself in a matter of months.
THE BENEFITS OF COMPLIANCE
One last thought about the power of transparency in the casino business. When we started this journey to start up a new network in such a highly regulated industry, so much of my thought process was centered on meeting what I considered extremely strict oversight requirements. In reality, meeting compliance has been a bit easier than I had originally thought it would be. The excellent advice from VGT led us to SecureLink. But another has been establishing an excellent working relationship with the Ponca Gaming Commission.
Even before we started mapping out our plans, we proactively reached out to the commission to explain our IT strategy and elicit feedback. The early dialog gave us the opportunity to understand the commission’s reporting requirements and sidestep potential violations. Now, after more than a year in operations, I can sincerely say that our strong working relationship with the commissioners is a core component of meeting our regulatory responsibilities and has helped us avoid potentially costly errors.
Setting up an IT network to handle the many tasks required to operate a casino and comply with the strict compliance regulations in place was a heavy lift. I credit our success by carefully planning our needs, seeking out advice from industry experts, including the regulators themselves, and adapting to realities as they presented themselves. I owe a huge debt of gratitude to the Ponca Tribe for trusting me with this responsibility.
Hilary Farley is the director of information technology for Prairie Flower Casino in Carter Lake, Iowa. She has worked for the Ponca Tribe of Nebraska since 2002, and has held IT-related positions during that time. She can be reached at www.prairieflowercasino.com.
The eyes have IT
Chumash Casino Resort solved a security problem by upgrading to better cameras and storage devices
The Chumash believe they have a special responsibility to provide restorative hospitality to their guests.
In Chumash culture, it is unforgivable to let a visitor who is tired, stressed or depleted leave one’s home without making every effort to restore that guest. Simply providing food and shelter is not enough—it is the host’s obligation to transform their guests so that they can leave ready to face the challenges of their journey. Delivering restorative indulgence is their way of repairing body and soul, which defines Chumash-style hospitality.
At the Santa Ynez, Calif.-based Chumash Casino Resort, this belief includes the security of their guests which, in recent years, has needed an upgrade.
Indeed, security concerns in and around the property had become a challenge. The goal for the Chumash Casino Resort was to replace an aging interior/exterior analog surveillance system that was failing, and to provide upgraded picture resolution as well as remote viewing. This included installing new IP-based cameras and NVR storage devices.
After using a varied selection of VIVOTEK network cameras for their own larger surveillance system, the Chumash Casino Resort opted to go all-in with VIVOTEK products when tasked to replace the analog surveillance system by tribal authorities. They installed a mixture of 21 VIVOTEK cameras connected to the VIVOTEK 32-CH NVR, the ND9541. The outcome met and surpassed the tribe’s goal of replacing the older system, resulting in them utilizing the “all VIVOTEK” format when asked to do the same thing at their tribal clinic months later.
SMILE FOR THE CAMERAS
The Chumash Casino Resort utilizes 14 FD8166A-N ultra-mini IR, fixed-dome cameras in the interior of the property due to its compact size, easy installation, invisible IR design and great picture quality. On the exterior of the property, the casino chose to install five FD8367A-V fixed-dome network cameras, due to its vari-focal lens, 30-meter IR and IP66-rated housing. All the cameras and ND9541 H.265 32-CH Embedded NVR are connected to an AW-GEV- 264B-370, a VivoCam web smart-managed PoE switch, to provide an easy-to-manage surveillance system with remote and mobile access capability.
The FD8166A-N ultra-mini IR, fixed-dome network camera has a tiny diameter of only 90 millimeters. Due to its compact, intelligent design, the FD8166A-N is an ideal indoor surveillance solution that suits a wide variety of applications such as retail, offices, boutiques, and other public areas.
Equipped with a 2MP full HD sensor-enabling viewing resolution of 1920x1080 at 30 fps, the FD8166A-N can capture high-definition images whether in high-contrast or low-light environments by deploying WDR-enhanced and SNV technology. When combined with VIVOTEK’s Smart Stream II technology, the FD8166A-N reduces both bandwidth and storage consumption by up to 50 percent, while retaining the same superb image quality as a full HD camera.
Furthermore, armed with 940nm IR illuminators, the FD8166A-N can see up to six meters in total darkness. As an all-in-one camera, the FD8166A-N is designed for easy installation and equipped with power over ethernet (PoE) functionality, making setup both quick and simple. The FD8367A-V fixed dome network camera is specifically designed for diverse outdoor applications, with a 2MP sensor enabling a viewing resolution of 1920x1080 at a smooth 30 fps.
Dynamic and highly adaptable, the FD8367A-V is an all-in-one camera capable of capturing high quality video at high resolutions of up to 2MP, even in low light environments. The FD8367A-V features VIVOTEK’s Smart Stream II technology, allowing the camera to optimize image quality for desired regions, thus ensuring maximum efficiency of bandwidth usage and savings of up to 50 percent on bandwidth and storage requirements.
In order to adapt to constantly changing outdoor lighting conditions, the FD8367A-V features a removable IR-cut filter as well as IR illuminators effective up to 30 meters for superior image quality around the clock. For protection against harsh outdoor environments, the camera is encased in a weather-proof IP66-rated housing, making it impervious to rain and dust. The robustness of the FD8367A-V is further strengthened by the adoption of a rugged IK10-rated housing.
MANAGING THE SYSTEM
The AW-GEV-264B-370 VivoCam web smart-managed PoE switch is part of the AW-GEV Web Smart Series that combines powerful web smart-managed features with graphic view functions to provide better functionality and usability. The single AW-GEV Web Smart series allows users to find all network devices and deploy a network system automatically. In addition, embedded surveillance features graphic views, such as Topology View/Floor for managing, controlling network structure and device status; as well as Google Map integration to view system status for outdoor applications. The device status and traffic monitoring functions also help users clarify and troubleshoot any connection or device issues. The AW-GEV Web Smart series is ideal for delivering management simplicity, a better user experience and lowering total cost of ownership.
VIVOTEK’s ND9541 is the brand new H.265 Linux-based embedded standalone NVR. Equipped for up to 32-CH network cameras, the NVR features well-built ONVIF compliant and scalable configurations. The NVR also supports remote and mobile access via VIVOCloud and the iViewer app, available for both iOS and Android handheld devices, providing users an open, flexible, and intelligent NVR for seamless use in small to medium sized video surveillance applications.
Furthermore, all these devices are connected to VIVOTEK’s VAST 2 video management software, empowering users to set up and manage advanced IP surveillance systems with ease.
“Our choice of VIVOTEK products have proven to be the right decision with the majority of the projects we do,” said Dominic Sanders, security control supervisor for Chumash Casino Resort. “Their competitive pricing, solid performance and reliability are three of the reasons we keep using VIVOTEK.”
VIVOTEK was founded in Taiwan in 2000. The company markets VIVOTEK solutions worldwide, and has become a leading brand in the global IP surveillance industry. For more information, visit www.vivotek.com.
Sign of the times
Cedar Lakes Casino & Hotel looks to boost its curb appeal and marketing efforts with a massive, roadside digital message center
BY WATCHFIRE SIGNS
The Leech Lake Band of Ojibwe-owned Palace Hotel Casino did not always take full advantage of its prime location fronting Minnesota State Highway 371, a heavily-trafficked stretch of road in Cass Lake, Minn. The tribe’s radical solution to this problem: move the entire operation three miles down the road and house it in a new $45 million facility with a new name—Cedar Lakes Casino & Hotel.
As part of the effort to market this reborn gaming property which opened last August, the Leech Lake Band invested in a state-of-the-art roadside sign.
The massive monument sign features a stacked stone base and wood surround, along with a 21-foot-long, 16mm color digital message center, to reflect the bright, modern finishes of the new casino.
The sign was designed by LSE Architects of Minneapolis and Mendota Heights, Minn.-based SignArt Company, both of which specified Illinois-based Watchfire Signs to create the digital message center. “It was important to be able to easily advertise events, concerts and promotions at the new facility, and a digital message center was the perfect vehicle for this,” said Kevin Snyder, vice president at SignArt Company. “I’ve had a relationship with Watchfire for 30 years, and they are a preferred partner because they stand behind their products. Technical and sales support are always available on site when I need them.”
CONTENT IS KING
Billy Krotzer, with Leech Lake Gaming, is responsible for creating and programming all the content that runs on the Cedar Lakes Casino sign. He said that the Watchfire digital message center is the best visual way to entice guests to visit the facility.
“People today are very familiar with digital media, and our Watchfire sign allows us to use video and animated graphics to grab their attention and communicate with them in the way they are accustomed,” said Krotzer. “Static images simply don’t work as well.”
Krotzer programs messages to change every eight seconds or so, allowing passersby to see at least two messages. He includes a mix of video clips of entertainers, animated graphics of weekly and daily promotions, and reminders about upcoming events. “The Watchfire sign gets noticed because it’s robust, bright and looks great,” said Krotzer, who notes that he frequently gets requests from managers in the casino to run content.
Watchfire Signs is a manufacturer of outdoor digital signs based in Danville, Ill. The company empowers businesses with the most technologically advanced digital signage available. For more information, visit www.watchfiresigns.com.
FOOD & BEVERAGE
Order on the go
Mohegan Sun installs a digital commerce platform for on-demand food and drink service to enhance the onsite experience for guests
Mohegan Sun, one of the world’s leading integrated entertainment resort destinations, has chosen a digital ordering solution from Noble to power its onsite mobile ordering experiences.
Noble’s omni-channel ordering technology is tailor-made to fit into a variety of hospitality, gaming and live event establishments. Guests can order and pay for bar and concession items, such as cocktails or hot dogs by native app, web-link / QR code for app-less ordering, and text via chatbot. Patrons can choose their desired pick up or delivery locations, and pay and tip via Venmo, Apple Pay or credit card. Noble’s platform also enables patrons to schedule orders ahead of time such as arrival, intermission or halftime.
From concerts featuring top headliners including Harry Styles, Brad Paisley and Rod Stewart to professional sports such as the WNBA (Connecticut Sun), Professional Lacrosse (New England Black Wolves) and Mixed Martial Arts (MMA), guests at Mohegan Sun Arena now have a streamlined way to order food and drink. Noble will be integrated within the Mohegan Sun app as well, which is available on both Android and iPhone.
“With guests attending well over 100 concerts and sporting events in Mohegan Sun Arena yearly—many of which are sold-out performances—we needed a system that could handle the volume of food and drink ordering that we encounter frequently,” said Jeff Hamilton, president and general manager of Mohegan Sun. “We looked to build our own platform but the appeal of the Noble network of users and trusted brand made partnering with the company an easy decision. Built for the enterprise, we chose Noble because of its unmatched feature set, which includes in-app integration and risk management, to name a few. For our guests, Noble offers an easy and efficient way to order on-site, making sure visitors don’t miss any of the action.”
Mohegan Sun was developed in 1996 by the Mohegan Tribe of Connecticut. Today it features two casinos, two hotel towers with a total of 1,563 rooms, two spas, a 130,000-square-foot retail shopping experience, more than 275,000 square feet of meeting space and a 10,000-seat award-winning arena.
“We are incredibly excited to be selected to partner with one of the top casinos and entertainment destinations in the country,” said Varun Pathak, CEO for Noble. “More and more gaming and entertainment establishments are moving toward digital technologies to elevate their guest experience. Noble’s platform provides a streamlined ordering experience for food and beverage operators, but also enables consumer intelligence and marketing transformation capabilities that can be leveraged by various teams across an organization. This is a major step in expanding the Noble network into the casino and resort ecosystem.”
Noble is standardizing the digital food and drink ordering experience by connecting entertainment seekers with local entertainment venues with a simple digital ordering solution. The company’s digital commerce platform allows in-venue ordering for guests so they can enjoy more of their time out and venues can benefit from the incremental revenue. For more information, visit www.getnoble.co.