The biggest drama in the games industry is not played out on screen. The contest is between the games publishers and the hackers. The publishers manage a massive database of payment and player data, which makes it a potential goldmine for potential hackers.
So while you're playing shoot 'em ups, the professionals and the hackers are involved in a more deadly game. And it's all for real.
Here are the rules. The good guys must guard and run thousands of servers and applications with a few staff. To make things interesting, the users (IT groups in big casinos) tend to choose easily-remembered passwords which they rarely change. Which leaves an inviting gap in security cover that hackers find an irresistable target. They know they only have to get lucky once, and they can get access to all areas, since most people have one password for everything.
As if that weren't enough, casinos are horrible places to work, so there's high staff turnover. Some companies lose hundreds of staff every week, many of whom might take inside information with them.
For the same reason, identity and access management (IAM) systems can't cope and privileged identities (super user accounts) can't be monitored easily as so many people (from database clerks to directory servicers) have then.
"Super-user" credentials are often misappropriated by developers, contractors and administrators to gain anonymous access to player and financial transaction records.
The answer: automate the process through a single, centralised console.
This was first published in January 2011