On the question of whether there were cameras monitoring the control room for the Stones Poker Live broadcast:
Quote:
Originally Posted by garetjaxor
I think Veronica was asked this on DNegs podcast from saturday and I believe she didn't think so or wasn't sure, but she did say people had phones out while they were broadcasting live and everyone was in and out of there, leaving their backpacks in there etc.
You know, it's really just a joke now.
Having worked in a highly secure operation (not a casino, I have zero experience working casinos), I just assumed a licensed casino in the US would have certain legal obligations to maintain the integrity of their operations. And this is why I was sure someone from senior management had to be in on this for the appropriate approvals, ability to cover their tracks, etc. Again, based on what I know from working in a highly secure facility. But now I'm starting to think the security here was on par with an average home game. At least for Stones Live Poker.
If you are processing the video feed in real time, that information must be locked down. Otherwise, you cannot guarantee the integrity of the game. What would I expect at a minimum?
Only a small number of pre-approved people could be in the control room at any time, and the room should be physically locked at all times. During an actual broadcast, this number should shrink even further to the minimum number of people required to view the real-time data during the broadcast. In other words, when not broadcasting, perhaps 5 people have approvals to be in that room, and it's still locked at all times. During the broadcast, that number may shrink to 2 or 3, and again, the room is locked.
There should be cameras monitoring who comes and goes in this room, with time stamps. The camera feed should record and store this information for a minimum of 6 months. It should be stored elsewhere, not on a server within that control room, so there is no way for anyone in that room to destroy the CCTV recordings.
If they have their own servers and networking in the control room just for this broadcast (not using Stones regular data center), they should at least have a minimum number of people who can install anything on those servers. And everything that is done on those servers or across that network should be logged. It should be impossible to access (edit, delete) this log by anyone working within the control room. Assuming they ran everything on a separate network and on separate servers, the only way to get rid of this log file would be to physically destroy the server on which it's located. So we should be able to go back and see who loaded what and when.
Obviously I'm assuming user and password integrity. If Admin123 was the user name that was shared by many, and the password was "Password123," then God help them. At this point, I wouldn't be surprised to hear it, to be honest...
Ideally, assuming they are using their own Stones Poker Live servers (not connected in any way through the regular Sones casino data center), a regular audit should occur, with log files backed up and removed from the servers used for Stones Live and stored somewhere else.
In general, it's starting to look like Stones wanted to get on board with live streaming poker as a way to promote their casino and promote poker, and good for them. But it also seems like they may not have applied their rigorous security standards found elsewhere in the casino (I'm assuming this is the case) to this new operation. Perhaps overly depending on the competence of senior people who managed Stones Poker Live, at least from a security perspective.
Clearly that was a mistake.