CASE STUDY Comanche Nation Casinos Slot machines are the bread-and-butter for virtually all casinos that employ them. In fact, the American Gaming Association reported in 2010 that while one-armed bandits produced just 45% of the revenues in gambling mecca Atlantic City in 1978, by 2010 that number had climbed to almost 70%. Small wonder: most gamblers – the AGA calls it a “significant majority” -- say slots are their favorite games to play, with nearly endless varieties of machine types and often low-entry costs – as little as a penny in some cases. For David Kavaljian, IT Director at the Comanche Nation Board of Advisors, the allure of noisy and colorful slot machines and electronic bingo systems means good business for the five casinos in southern Oklahoma. But slots are also one of the most heavily regulated and scrutinized aspects of casinos. The Challenge of NIGC Regulations The Comanche Nation Casinos fall under the auspices of the Indian Gaming Regulatory Act of the National Indian Gaming Commission (NIGC) which requires that casinos monitor the internal controls of any and all gaming systems on site. The National Indian Gaming Commission’s Minimum Internal Control Standards for Class II Gaming specifies the basic security visibility required for information technology and information technology data. “In practice, Comanche Nation Casinos needs to “We’ve got a new level of confidence in our ability to report on all IT activities, and to satisfy all of the many and changing regulations we face as a casino.” be able to show, at any given time, where and when our people have touched information in any of the machines,” Kavaljian says. At the Comanche Nation Casinos, that can get complicated. The casinos use a number of Class II (electronic bingo machines) and Class III (slot machines) in their various locations. The machines are owned by eight discrete vendors, and are managed by proprietary servers at each site. For security purposes, the individual casino has no direct access to its on-site servers. Monitoring the disparate systems and servers from a centralized location while also meeting regulatory demands was a significant challenge, Kavaljian says, so his group set out to find potential solutions. —David Kavaljian, IT Director Finding the Right Monitoring Solution The IT group for the casinos researched and tested several security solutions that would allow them to track the required information. Kavaljian says that while each had its plusses, the main negative was each allowed some level of data access by third-party equipment vendors, essentially negating his ability to have full control. Additional research brought them to ObserveIT, which offers video-level auditing that records remote desktop protocol (RDP) and all remote access. “This was the only solution that really allows our Board of Advisors to do the auditing in a non-intrusive and fully transparent way,” he says. observeit.com/tryitnow CASE STUDY Comanche Nation Casinos ObserveIT’s session recording and logging solution – which records videos of every server session as well as textual activity logs of everything done by users while logged into casino computers -- allows the casinos to implement key controls involving the logging and monitoring of all activity performed on its sensitive systems. Whereas standard logs collect data on server and network activity, session recordings and logs focus on the user activity within the operating system and every application (commercial, bespoke, legacy and cloud). It’s a granular, user-focused monitoring capability so the Comanche Nation can have all the details to understand what administrators and remote vendors are doing on managed servers and desktops. The ObserveIT Solution for Comanche Nation Casinos ObserveIT quickly gave The Comanche Nation Casino absolute visibility. “Having a video that can show exactly what is happening or what already transpired -- like the script used in a command -- is essential to compliance with the NIGC regulations, and that’s what ObserveIT allows us to do,” Kavaljian says. The remote vendor monitoring aspect allows them to see exactly what each third party vendor is doing, helping improve security, accountability and policy messaging. It offers transparent service-level agreements and billing validation with third parties as well. The system also helps with root-cause analysis, so they can better understand “who did what?” and when. “We’ve got a new level of confidence in our ability to report on all IT activities and to satisfy all of the many and changing regulations we face as a casino,” Kavaljian adds. The casino also uses ObserveIT’s network device configuration change monitoring capabilities, allowing them visual monitoring and auditing when they need to reconfigure network devices. In addition to full video recording and playback of every device configuration change, the system also offers keyword-searchable activity logs and custom alerts based on user-definable triggers. observeit.com/tryitnow
© Copyright 2026 Paperzz