11VAC20-20-480. Communications and network requirements.
A. Where the network bingo system components are linked with one another in a network, communication protocols shall be used that ensure that erroneous data or signals will not adversely affect the operations of any such system components.
B. All data communication shall incorporate error detection and correction schemes to ensure the data is transmitted and received accurately.
C. Connections between all components of the network bingo system shall only be through the use of secure communication protocols that are designed to prevent unauthorized access or tampering, employing Advanced Encryption Standard (AES) or equivalent encryption.
D. A firewall or equivalent hardware device configured to block all inbound and outbound traffic that has not been expressly permitted and is not required for continued use of the network bingo system must exist between the network bingo system and any external point of access.
E. The minimum width (size) for encryption keys is 112 bits for symmetric algorithms and 1024 bits for public keys.
F. There must be a secure method implemented for changing the current encryption key set. It is not acceptable to only use the current key set to encrypt the next set.
G. There must be a secure method in place for the storage of encryption keys. Encryption keys must not be stored without being encrypted themselves.
H. If a wireless network is used, wireless products used in conjunction with any gaming system or system component must meet the following minimum standards:
1. Employ a security process that complies with the Federal Information Processing Standard 140-2 (FIPS 140-2); or
2. Employ an alternative method, as approved by the department.
Statutory Authority
§ 18.2-340.15 of the Code of Virginia.
Historical Notes
Derived from Virginia Register Volume 39, Issue 14, eff. March 29, 2023.