What Keeps Hotel IT Up At Night? - PowerPoint PPT Presentation

What keeps hotel it up at night
1 / 32

  • Uploaded on
  • Presentation posted in: General

What Keeps Hotel IT Up At Night?. Mark G. Haley, ISHC, CHTP The Prism Partnership HAMA September 26, 2013 Orlando, FL. What Keeps Hotel IT People Up At Night?. What Keeps Hotel IT People Up At Night?. Data Security. HSIA. Cloud Computing. High Speed Internet Access.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

Download Presentation

What Keeps Hotel IT Up At Night?

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

What keeps hotel it up at night

What Keeps Hotel IT Up At Night?

Mark G. Haley, ISHC, CHTP

The Prism Partnership

HAMA September 26, 2013Orlando, FL

What keeps hotel it people up at night

What Keeps Hotel IT People Up At Night?

What keeps hotel it people up at night1

What Keeps Hotel IT People Up At Night?

Data Security



High speed internet access

High Speed Internet Access

  • It Costs How Much?

  • But we just spent $350,000 on HSIA three years ago!

  • Why the treadmill?

Hsia demand

HSIA - Demand

  • Demand for bandwidth continues to increase!

  • No end in sight

Hsia demand1

HSIA - Demand

  • From a hotel company

Hsia standards

HSIA - Standards

  • Standards changing, performance improving

  • Evolution of the 802.11 Wireless Standards

    • 802.11b >“a” > “g” > “n”

    • 802.11n is the current standard

    • Still many “g” devices out there

    • Generally, access points and client devices are backwards compatible

  • Next: 802.11ac

Hsia 802 11ac

HSIA – 802.11ac

  • What will 802.11ac do for guests?

  • 802.11ac Drawbacks

Hsia 802 11ac1

HSIA – 802.11ac

  • When?

  • Client Devices Follow

Hsia implications

HSIA - Implications

  • “n” network now?

    • OK !

  • “g” network?

    • Satisfaction scores?

    • Invest in “n”

      • Specify field-upgradeable to ac

      • Ensure site survey to support greater WAP density

What keeps hotel it up at night


  • Elements of cost

    • Wireless Access Points (WAP)

    • Switches and cabling

    • WAP Controllers

    • Subscriber Management Server

    • Load Balancing/Bandwidth Aggregation Appliance

    • Intrusion Detection/Prevention Appliance

    • Bandwidth

Hsia what s next

HSIA – What’s Next?

  • 802.11u

  • 802.11ad (60Ghz)

  • More bandwidth

  • More bandwidth

Hsia takeaways

HSIA - Takeaways

  • Consumer demand will require continuous re-investment

    • Try to get on the wave of upgrades instead of under it

    • Anticipate buying more bandwidth every year

  • Upgrade when you guest satisfaction scores tell you that you need to, not when a salesman tells you

  • Continuous re-investment requires a revenue stream to support it

    • Find revenue in HSIA, resist the “Free HSIA” meme

    • Deliver an Internet experience worth charging for

Data security


….What Keeps Hotel IT People Up At Night

Data security

Data security1

Data Security

  • Fear, Uncertainty & Doubt

Data security2

Data Security

  • Hotels are targets

  • But statistics are improving!

    • Why?

Pci compliance

PCI Compliance

  • PCI Compliance

    • Self-regulation imposed by credit card brands

    • Establishes minimum standards for securing data and networks from breaches

    • Common-sense, but difficult to execute

Pci compliance risks

PCI Compliance - Risks

  • Costs of a Breach

    • Fines from issuing brands

    • Costs to address vulnerabilities

    • Costs of Level 1 audits in future

    • Lawsuits from card-issuing banks for card replacement costs

    • FTC/CFPB Lawsuits

    • Loss of customer trust and goodwill

    • Loss of business

    • Tarnished reputation

Pci compliance players

PCI Compliance - Players

  • Key Players & Roles

  • Standards “owned” by PCI Security Standards Council

  • Enforcement reserved to the issuing brands

Pci compliance responsibility

PCI Compliance - Responsibility

  • Always the merchant

  • Does that mean the owner is free of responsibility?

Pci compliance implications

PCI Compliance - Implications

  • If manager as merchant is responsible for compliance…..….and they work for you….

  • Find out what they are doing!

Pci compliance owner questions

PCI Compliance – Owner Questions

  • Ask the manager and brand:

    • Who “owns” compliance in the company?

    • What budget assigned to PCI Compliance?

    • What aspects of operation are “in-scope” for PCI compliance?

    • Are all in-scope Payment Applications certified as compliant under PA-DSS?

Pci compliance owner questions1

PCI Compliance – Owner Questions

  • Ask the manager and brand:

    • What self-attestations have been submitted to acquirers?

    • What self-attestations have been submitted to others?

    • What is their internal assessment of risk of a breach?

    • What processes in place to drive a culture of data security and privacy in the organization?

Data security other aspects

Data Security – Other Aspects

  • PCI not the only risk in data security

  • Hotel-Specific Data Security

  • Credential Breaches

  • Privacy Regulation

  • Employee Data

Cloud computing

….What Keeps Hotel IT People Up At Night

Cloud computing

Cloud computing1

Cloud Computing

  • What is it?

    • Complicated NIST definition:“Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models. “http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf

    • Simply:

      • Hosted elsewhere by someone you pay to do it well for you

Cloud computing2

Cloud Computing

  • Complicated definition includes concepts of self-provisioning, multi-tenancy and on-demand scalability

  • Basic hosting can be as simple as a rack you lease in a co-location facility

Cloud computing3

Cloud Computing

  • Private Cloud: One company maintains the cloud for exclusively for their own use or their customers’ use

  • Public Cloud: A service provider sells computing resources in their cloud to all comers

Cloud computing benefits

Cloud Computing - Benefits

  • Benefits of Cloud Computing

    • No people required in hotel to maintain system

    • Higher level of resources available in hosting facility

    • Eliminate/reduce need for data synchronization between enterprise and property systems

    • Lower cost of operation**usually

Cloud computing benefits1

Cloud Computing - Benefits

  • If a brand embraces the cloud…

  • Reduced CapEx by owner

  • Reduced OpEx by manager

  • No work or risks for backups, upgrades, system maintenance, etc.

  • PCI scope simplified

Cloud computing risks

Cloud Computing - Risks

  • Lack of control of data

  • 100% dependence on Internet connection

  • No control over updates, etc.

  • Still need to manage interfaces locally

  • Theoretical risk of compromise of network or cloud security

  • Risk of one cloud tenant activity impacting another

What keeps hotel it up at night

Thank You!

  • Login