On May 2, 2024, the Secretariat of Prizes and Bets (SPA) and the Ministry of Finance (MF) issued Ordinance No. 722 (link here in Portuguese). This set of regulations outlines the essential technical and security criteria that iGaming and online sports betting operators must adhere to within six months of obtaining their gaming licenses.
In a series of blogs over the coming months, Luana Monje, Sales Executive at Continent 8 Technologies, will examine the various requirements for regulated iGaming in Brazil. First up, she examines the penetration testing requirement, along with other cybersecurity considerations, in more detail.
Ordinance 722, Annex IV, section 41 – Penetration testing: The purpose of penetration testing is to exploit any weaknesses discovered during the vulnerability assessment in any publicly exposed applications or systems that host applications that process, transmit and/or store sensitive information.
Executing thorough penetration testing is a testament to an organisation’s dedication to safeguarding user data. Ordinance 722 defines penetration testing as systematically challenging the strength of network and application layers so that operators and suppliers can identify and rectify vulnerabilities.
Our Vulnerability Assessment and Penetration Testing (VAPT) services provide comprehensive security assessments for a customer’s infrastructure and applications. The VAPT solution enables organisations to achieve regulatory compliance and understand their attack surface area, providing a strong foundation for strengthening security posture.
Key benefits include:
VAPT use case: Read how Continent 8 Technologies supports ODDSworks with cybersecurity audit and vulnerability assessment penetration test services. |
Ordinance 722 offers a set of ground rules from which iGaming and online sports betting operators and suppliers should start. Beyond the suggested checklist, operators and suppliers should also consider a holistic approach that ensures end-to-end protection against any security and cyber threat. A 360-degree defense strategy includes:
By referencing the SPA and MF’s Ordinance 722 policies and partnering with an experienced and trusted solutions provider like Continent 8, operators and suppliers can deploy multi-defense, multi-layer security protection strategies for their iGaming and online sports betting platform. This approach enables them to comply with Brazil’s latest technical and security regulations while demonstrating their commitment to providing secure and trustworthy gaming environments and experiences.
Continent 8 Technologies, the trusted managed hosting, connectivity, cloud and cybersecurity partner to the global iGaming and online sports betting industry for over 25 years, is live in every major regulated Latin American (LATAM) jurisdiction, including Brazil.
Operating out of the LATAM region since 2020, we offer operators and suppliers access to state-of-the-art data centers, connectivity to a global private network featuring 100+ locations across four continents and best-in-class managed and professional services to support the most demanding iGaming and online sports betting requirements.
Discover why Continent 8 is the go-to infrastructure and cybersecurity provider for leading LATAM operators and suppliers such as Betcris, Boldt, Bplay and Vibra Gaming, and learn how we ensure the seamless implementation of compliant and secure infrastructures so that your Brazilian gaming operations are live from day one.
For more information on how Continent 8 can support your organisation’s regulatory and cybersecurity requirements, contact Luana at luana.monje@continent8.com.
Em 2 de maio de 2024, a Secretaria de Prêmios e Apostas (SPA) e o Ministério da Fazenda (MF) emitiram a Portaria nº 722. Este conjunto de regulamentos define os critérios técnicos e de segurança essenciais que os operadores de iGaming e de apostas desportivas online devem cumprir no prazo de seis meses após a obtenção das suas licenças de jogo.
Em uma série de blogs nos próximos meses, Luana Monje, Executiva de Vendas da Continent 8 Technologies, examinará os vários requisitos para o iGaming regulamentado no Brasil. Em primeiro lugar, ela examina o requisito de teste de penetração, juntamente com outras considerações de segurança cibernética, em mais detalhes.
Portaria 722, Anexo IV, secção 41 – Testes de penetração: O objetivo dos testes de penetração é explorar quaisquer pontos fracos descobertos durante a avaliação de vulnerabilidades em quaisquer aplicações ou sistemas expostos publicamente que alojem aplicações que processem, transmitam e/ou armazenem informações sensíveis.
A realização de testes de penetração completos é uma prova da dedicação de uma organização à proteção dos dados dos utilizadores. A Portaria 722 define os testes de penetração como um desafio sistemático à força das camadas de rede e de aplicação para que os operadores e fornecedores possam identificar e retificar vulnerabilidades.
Os nossos serviços de Avaliação de Vulnerabilidades e Testes de Penetração (VAPT) fornecem avaliações de segurança abrangentes para as infra-estruturas e aplicações de um cliente. A solução VAPT permite que as organizações atinjam a conformidade regulamentar e compreendam a sua área de superfície de ataque, fornecendo uma base sólida para reforçar a postura de segurança.
As principais vantagens incluem:
Caso de utilização VAPT (em inglês): Leia como a Continent 8 Technologies apoia a ODDSworks com serviços de auditoria de cibersegurança e teste de penetração de avaliação de vulnerabilidades.. |
A portaria 722 oferece um conjunto de regras básicas a partir das quais os operadores e fornecedores de iGaming e de apostas desportivas em linha devem começar. Para além da lista de verificação sugerida, os operadores e fornecedores devem também considerar uma abordagem holística que garanta uma proteção completa contra qualquer ameaça à segurança e à cibersegurança. Uma estratégia de defesa de 360 graus inclui (ligações de produtos em inglês):
Ao fazer referência às políticas da SPA e da Portaria 722 do MF e fazer parceria com um provedor de soluções experiente e confiável como o Continente 8, operadores e fornecedores podem implantar estratégias de proteção de segurança multi-defesa e multi-camadas para sua plataforma de apostas esportivas iGaming e online. Essa abordagem permite que eles cumpram as mais recentes regulamentações técnicas e de segurança do Brasil, ao mesmo tempo em que demonstram seu compromisso em fornecer ambientes e experiências de jogos seguros e confiáveis.
A Continent 8 Technologies, parceira confiável de hospedagem gerenciada, conetividade, nuvem e segurança cibernética para a indústria global de iGaming e apostas esportivas online há mais de 25 anos, está ao vivo em todas as principais jurisdições regulamentadas da América Latina (LATAM), incluindo o Brasil.
Operando a partir da região LATAM desde 2020, oferecemos aos operadores e fornecedores acesso a centros de dados de última geração, conetividade a uma rede privada global com mais de 100 locais em quatro continentes e os melhores serviços gerenciados e profissionais da categoria para apoiar os requisitos mais exigentes de iGaming e apostas desportivas online.
Descubra por que o Continente 8 é o provedor de infraestrutura e segurança cibernética para os principais operadores e fornecedores da LATAM, como Betcris, Boldt, Bplay e Vibra Gaming, e saiba como garantimos a implementação perfeita de infraestruturas compatíveis e seguras para que suas operações de jogos brasileiras estejam ao vivo desde o primeiro dia.
Para obter mais informações sobre como o Continente 8 pode apoiar os requisitos regulatórios e de segurança cibernética da sua organização, visite Continent8.com ou contactar Luana em luana.monje@continent8.com.
Our Senior Cloud Solutions Architect Matteo Gabrielli wrote a brief blog of Continent 8’s LATAM marketing and services.
The Latin American (LATAM) iGaming and online sports betting market is growing rapidly, presenting both opportunities and unique technical challenges. As operators and suppliers expand into this market, they face critical decisions about infrastructure, compliance, and scalability. At Continent 8 Technologies, we guide customers through this complex landscape, leveraging our deep expertise in AWS (Amazon Web Services) solutions, on-premises infrastructure, networking, cybersecurity, and iGaming-specific technologies.
One of the key characteristics of iGaming operations in the LATAM market is the approach many customers take to infrastructure deployment. While regulations vary across the region, many operators choose to serve the entire LATAM market from a single AWS location, such as US East (Virginia), US West (Oregon), or South America (São Paulo).
This centralized model, chosen by some of our customers, offers advantages in terms of operational simplicity and cost-effectiveness. However, it also requires careful planning to ensure performance, compliance, and scalability across diverse geographic and regulatory landscapes.
With over 25 years in the iGaming industry and a network spanning more than 100 locations across four continents, Continent 8 brings a unique blend of global reach and local knowledge to the table. Our presence in 30 US states, multiple Canadian provinces, and key locations across LATAM, Europe, and Asia allows us to offer comprehensive compliant solutions.
What sets us apart is our ability to be a single source provider for all regulated locations. Our team has a deep understanding of AWS architectures, on-premises infrastructure, networking intricacies, cybersecurity best practices, and hosting requirements specific to the iGaming industry. This expertise translates into consistent, high-quality implementations across your entire infrastructure stack.
In the fast-changing iGaming and online sports betting landscape, generic solutions often fall short. That’s why we approach each customer engagement with a fresh perspective, considering not just current needs but future growth trajectories.
Our solutions include:
Our cloud offering is purpose-built for iGaming, ensuring regulatory compliance while providing the flexibility and scalability needed in dynamic markets. It’s an ideal choice for operators looking for a fully managed, iGaming-specific solution.
Often, the best solution involves a strategic combination of Continent 8 and AWS resources, optimized for performance, compliance, and cost-effectiveness. This approach allows you to leverage the strengths of both platforms.
For those preferring an AWS-focused approach, we design and implement solutions that take full advantage of AWS capabilities, complemented by our industry-specific expertise.
Our goal is not to push one platform over another, but to architect the solution that best fits your unique needs and growth plans.
One of the most common pitfalls we see in global expansions is the tendency to replicate entire deployments across different jurisdictions. While this approach might seem straightforward, it often leads to high costs, maintenance challenges, and scalability issues down the line.
Instead, we advocate for a more strategic approach:
We break down your infrastructure into modular components, creating systems that can be easily replicated or scaled independently. Crucially, this design considers which components are subject to regulation and which are not, allowing for more efficient expansion into new markets without unnecessary duplication or compliance risks.
We design solutions that centralize core components while ensuring local regulatory compliance. This strikes the right balance between operational efficiency and legal requirements.
The iGaming regulatory landscape is constantly evolving. Our architectures are designed with flexibility in mind, allowing you to adapt quickly to new requirements or market opportunities.
At Continent 8, we offer more than just infrastructure. Our team provides comprehensive support throughout your journey:
Operating across the LATAM region presents unique performance challenges. Latency, data sovereignty, and varying regulatory requirements all come into play. Our approach combines strategic use of the Continent 8 purpose-built network, AWS services, custom content delivery solutions, and optimized network routing to ensure a seamless user experience across the region.
Navigating the regulatory landscape in LATAM requires a nuanced understanding of both regional and country-specific requirements. Our “Regul8 Guardrails” solution embeds compliance checks directly into your cloud infrastructure, ensuring that you maintain regulatory alignment even as you rapidly scale and expand.
Our regulatory affairs team’s proactive approach means you are not just compliant today, but well-positioned for the regulatory landscape of tomorrow. They work closely with our solution architects and account teams to ensure that compliance considerations are built into every aspect of your infrastructure.
The most critical aspect of our approach is the focus on long-term optimization. The infrastructure decisions you make today will have profound implications for your operational efficiency and competitiveness in the years to come.
Our team continuously monitors your systems, identifying opportunities for cost savings, performance enhancements, and architectural improvements. We have helped clients achieve significant cost reductions through strategic workload placement, rightsizing of resources, and implementation of scalable solutions tailored to the unique traffic patterns of iGaming applications.
As you plan your entry or expansion in the flourishing LATAM iGaming market, remember that the right infrastructure strategy can be a powerful competitive advantage. At Continent 8, we bring a unique combination of iGaming industry knowledge, AWS expertise, on-premises infrastructure experience, networking proficiency, and cybersecurity best practices to every engagement.
We are not just here to provide technology – we are here to be your strategic partner in navigating the complexities of global expansion. From initial architecture design to ongoing optimization and support, our team is committed to your long-term success in LATAM and beyond.
Ready to craft a future-proof strategy for your iGaming operations? Let’s start a conversation about how we can align cutting-edge technology with your business objectives. Contact our team of experts at sales@continent8.com, and let’s build the foundation for your success in the dynamic LATAM market.
Learn more about our AWS solutions here.