Harrah’s Entertainment has every need to trust its employees, and every reason to be paranoid. Employees of the Las Vegas-based casino chain handle $10 million to $15 million in cash every day?as much as the country’s largest banks. About 12,000 of its 47,000 employees have access to the sensitive information housed in Harrah’s customer relationship management system, which keeps track of how customers have gambled and spent on previous visits to its casinos across the country. “There’s an implicit trust that we have with our employees,” says CIO John Boushy. But there are also intense checks and balances to keep everyone honest?little ways that add up to robust security. Here’s a checklist.Physical surveillance From stairwells to the data center, cameras are installed practically everywhere except inside hotel rooms. Security badges Employees must have IDs to be on the casino floor, and badges are revoked when employees leave the company. User account monitoring Employee accounts are usually closed within a day of their leaving the company. Every quarter, managers compare personnel files with security files, looking for discrepancies.Daily log reviews Every night at each property, an IT employee reviews significant changes, such as a change to a customer’s credit limit. Checks and balances At least three people are involved whenever it’s time to replenish the supply of chips at a gambling table. Each employee’s step gets documented.Limited access based on location Systems are configured so that certain kinds of information can be accessed only in certain locations. For example, someone behind the front desk couldn’t submit a request to send more chips to a table.Strict access to data centers To enter, an employee needs to type in a password that changes at least once a month. On the keypad, the way numbers are assigned to buttons is randomly generated so that no one can casually observe an employee punch in numbers.Limited access to the production system When an IT employee needs to make a change to the production system, which handles transactions on the casino floor and houses the CRM loyalty program, he needs to call the help desk for a temporary user ID. The reason for the change is logged, and the changes are monitored.Boushy says it was important to make sure Harrah’s built such security steps into its operations from the start. “It’s just been such a major component of the way we operate our business,” he says. Related content feature 4 remedies to avoid cloud app migration headaches The compelling benefits of using proprietary cloud-native services come at a price: vendor lock-in. Here are ways CIOs can effectively plan without getting stuck. By Robert Mitchell Nov 29, 2023 9 mins CIO Managed Service Providers Managed IT Services case study Steps Gerresheimer takes to transform its IT CIO Zafer Nalbant explains what the medical packaging manufacturer does to modernize its IT through AI, automation, and hybrid cloud. By Jens Dose Nov 29, 2023 6 mins CIO SAP ServiceNow feature Per Scholas redefines IT hiring by diversifying the IT talent pipeline What started as a technology reclamation nonprofit has since transformed into a robust, tuition-free training program that seeks to redefine how companies fill tech skills gaps with rising talent. By Sarah K. White Nov 29, 2023 11 mins Diversity and Inclusion Hiring news Saudi Arabia will host the World Expo 2030 in Riyadh By Andrea Benito Nov 28, 2023 4 mins Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe