Security engineered for oversight.
In regulated lottery environments, trust is earned through traceability, controlled access, and audit readiness. That is the standard Fortrix is built to support.
Lottery programs operate across complex ecosystems: core gaming systems, iLottery platforms, retailers, payment partners, and service providers. Oversight teams still need a clear line from source activity to reported outcomes, even when responsibilities and data sit across multiple parties. Fortrix provides an independent controls layer that runs alongside existing operational and vendor systems, strengthening governance without disrupting day-to-day operations.
We focus on making oversight practical. That means validating activity independently, preserving the records required to support reviews and audits, and keeping oversight controls separate from operational systems so accountability stays clear.
How we approach trust and security
Independently validates system activity rather than relying solely on vendor-provided reporting.
Preserves a complete, traceable record of key events and control actions to support audits, reviews, and investigations.
Maintains clear separation between operational systems and oversight controls to support independent review.
Supports jurisdiction-level governance and regulatory oversight requirements across multi-provider environments.
Data isolation
Each customer deployment runs in an isolated environment with segregated data storage and dedicated resources. This supports jurisdiction-controlled environments and reduces cross-tenant risk.
Access control
Role-based access control ensures access is aligned to responsibilities so users only see and do what they are permitted to.
RBAC policies support consistent permissioning across teams, roles, and oversight functions.
Segregation of duties supports separation between creation, approval, and review activities, reducing conflicts of interest and strengthening operational integrity.
Audit log integrity
Event logging is designed to be append-only and traceable, supporting reconstruction over time.
Change tracking captures what changed, who made the change, and when it occurred, with export-ready formats to support audit workflows and regulatory submissions.
Built for audit and review
Fortrix supports audits, reviews, and regulatory inquiries by maintaining clear, traceable records of system activity across partners and environments. When questions arise, teams can review what happened, follow the chain of events, and resolve issues faster with consistent documentation and accountability.
Security operations
Security is maintained through disciplined operational practices, not just product design.
We encrypt data in transit and at rest.
We enforce strong authentication alongside role-based access control, including RBAC policies and segregation of duties where appropriate.
We monitor for anomalous access and operational patterns, and we retain logs to support review and investigation needs.
We apply routine patching and vulnerability management processes to reduce exposure over time.
We maintain incident response procedures aligned to regulated-environment expectations, including containment, investigation, and documented remediation.
Trust and security at Fortrix are foundational to how we design, deploy, and operate the platform, so oversight remains reliable as lottery environments scale and evolve.