UK Gaming Company

Controlling and Reducing Exposure Risks While Complying with Regulations

A UK Gaming Company Chooses CloudLock to Comply with Gaming and Data Protection Regulation and Reduce the Data Exposure Risks

The UK gaming company is one of the world’s leading betting and gaming enterprises with both a retail and Internet presence. The company serves hundreds of thousands of clients in various languages and currencies.

The company incorporates the highest levels of security, and is focused on building its digital capabilities to realize its vision of becoming a fully enabled international betting and gaming business.

Business Problem

The UK gaming company moved to Google Apps in July 2010 to leverage both cost savings and better collaboration for its employees. With the growing number of employees using Google Apps and the increased number of documents and sites created, the security team realized that they needed visibility, control, and security for their Google Documents and Sites.

“I was looking to implement similar security controls to the ones we have for our on-premise legacy file servers,” said the Information Security and Risk Manager for the UK gaming company.

Reducing Risk by Monitoring and Removing Exposures

“CloudLock gives me the visibility and controls I need to effectively secure the exposures in our Google Apps environment. With CloudLock I’m able to reduce the risk to an acceptable level for our company. CloudLock’s monitoring and dashboards allow me to stay on top of new exposures and secure our data as needed,” said the Information Security and Risk Manager.

The Information Security team has been using CloudLock to control and limit exposures on Google Documents and sites. They are able to do so with CloudLock’s:

• Consolidated Dashboard – that highlights the risks and provides an overview of users, documents, sites, and exposure classification for the entire domain. The dashboard also allows a quick drill through into the exposed data to view and take immediate action.
• Full Control of Permissions and Access Rights – to enforce access controls by adding or removing collaborators, changing ownership, and changing collaborator access rights on all documents and sites in the domain.
• Keyword and Metadata Search – CloudLock enables users to search the entire domain for documents by document name, owners, dates, and content. Content search is available for all Google Docs native documents (Documents, Presentations and Spreadsheets), MS Office files, and PDFs.
• Ongoing Monitoring and Alerting - Oversee the entire domain with email alerts on newly exposed documents and changes in permissions for existing documents.

Comply with Regulations and Internal Governance Procedures

With the transition to the cloud and storing documents in Google Docs, the same internal data control requirements must be followed in a cloud file server. IT therefore is tasked with implementing technical controls and continuous access auditing to assure the reliability of data related to financial transactions in Google Docs.

“Being a publicly traded gaming company, we need to comply with several gaming and compliance regulations. CloudLock helps us achieve the data governance we need and allows us to use Google Documents and Sites securely,” said the Information Security and Risk Manager.

CloudLock’s complete audit trail of all activities and changes performed provides a tamper-proof audit trail for changes and searches done via the application as well as a full audit trail for all user permission changes.

CloudLock is uniquely positioned to give domain administrators the tools they need to establish effective and repeatable processes to comply with regulations and internal governance procedures. For more on how to use CloudLock for Compliance and Governance