Gala marks compliance card

Gaming group rolls out system to improve data reporting capabilities

Gala Coral is to ensure PCI compliance

Betting group Gala Coral is rolling out software to improve security and reporting in line with industry data compliance rules.

The company is implementing the system across all its businesses ­ which include Gala Casinos, Gala Bingo, Coral and Eurobet ­ as a group-wide platform to boost application availability, change management and reporting capabilities according to Payment Card Industry Data Security Standard (PCI DSS) requirements.

The system has been used for secure central log collection and audit trail retention purposes, but Gala Coral found it needed better data indexing tools to collate and report on any form of log file or data stream.

“This gives us highly granular logging information and enables us to turn any data into a concise management report,” said Gala Coral’s group information security officer Peter Bassill.

“The ability for a number of members of IT staff to have controlled access to the solution also frees up the core IT team’s time to focus on other issues.”

Implementation of the system is underway at all of the group’s datacentres and covers a range of information sources including servers and application logs.

With the platform, Gala Coral hopes to develop coverage of PCI compliance areas such as control reporting, audit trail retention, secure remote access and secure central log collection.

Earlier this year, the company signalled the importance of PCI compliance when head of transactional services Jim Noakes said during a conference that the standard is “a way of keeping the external and internal bad guys out” and that an “open ‘spring clean’ is very important”.

The PCI DSS security standard affects any company transmitting, processing or storing credit card information. Compliance is graded, with merchants divided into four different levels based on the number of transactions they process during the year.