Protecting guests’ data is just as important as preserving their physical safety, but confusion still abounds regarding hoteliers’ level of responsibility for protecting guest data. How operators access and store guest data is key to understanding their liability in relation to that data.
MARKHAM, Ontario (PRWEB) August 25, 2021
Data security has come under greater scrutiny for all businesses in recent years, with larger fines and penalties being awarded for contemporary data breaches. In the hotel industry, this issue is compounding as digital transactions take precedence over physical exchanges, and third-party partnerships are becoming more important to maintain operations. Choosing the right partner and hosting environment for a hotel can be complicated. Maestro, the preferred browser based cloud and on-premises property-management system for independent hotels, luxury resorts, conference centers, vacation rentals, and multi-property groups, is advising hoteliers that it is the PMS that will play a critical role in securing confidential data.
“Protecting guests’ data is just as important as preserving their physical safety, but confusion still abounds regarding hoteliers’ level of responsibility for protecting guest data,” said Maestro President Warren Dehan. “It’s easy to understand why, with multiple ways to host and access the servers containing this data and the way this intersects with third parties. How operators access and store guest data is key to understanding their liability in relation to that data.”
Dehan explained that there are two components of the puzzle: the booking engine used by hotels, and the actual PMS. Since guest data can be self-hosted by hotels, managed on-property by a third party, or handled entirely off site, it’s up to hoteliers to decide what works best for their properties.
“Hosting a hotel’s online booking engine comes with an extensive investment into web server technology, as well as a great deal of local IT management requirements,” Dehan said. “For that reason, many operators have chosen to work with third parties to host their booking engine off site. However, even if the hotel’s data is out of sight, it is the hotel’s responsibility to keep its data partners accountable.”
Maestro suggests that operators ask these important questions: Is the data center equipped with proper heating and ventilation? When was the last time the facilities were inspected? What data security handling certifications do they maintain? How forthcoming is the data center with this information?
“These are important factors all businesses should know about their data storage, and it is necessary to perform due diligence to be certain that guests’ data is in good hands,” he said.
To stay informed on the status of a hotel’s data storage, Dehan advised that operators should become familiar with the management at work in their hosting facility. He suggested that managers request information on the hosting facility’s certifications for GDPR, PCA, SOC 2, and others. He also said it will be useful for learning who oversees rolling updates out to the hotel’s machines, as well as firewall rules, antivirus requirements and more.
“Forming relationships with the network administrator is key because every partnership in this arena is unique,” Dehan said. “Depending on the agreement, data storage and security for hotels could be mostly automated, or hotels could be expected to manage several processes on their own. In some cases, hotels are expected to source out their own data center and manage it themselves — though this is not desirable without a proper IT infrastructure and team at the hotel property or corporate level. With such a range of service available, operators need to be certain they know who is doing what, from backing up information to the day-to-day management of database servers.”
No matter how a hotel stores its data, operators will always be liable for securing it on some level. This is particularly true for PCI compliance, as hotels still physically handle credit cards properly and store guests’ card data well locally. Partnerships of any kind do not absolve hotel operators from managing their local network. This is important because hotels have many devices that share printing, Internet connections, email, Bluetooth, and more. Operators must know where their partners’ liability ends and theirs begins.
For example, data services have tenants, like the housing market, and it pays to know if the hotel will have neighbors or not. Businesses have the option to invest in either a dedicated or open hosting environment, with benefits and drawbacks to both. Dedicated hosts allow for updates to roll out in coordination with operators’ decisions, keeping it autonomous and allowing for proper scheduling and preparation.
The other option, where multiple businesses share a single server host and single application instance, is a more hands-off proposition but it comes with its own surprises. Hotels using these hosts may have fewer concerns when it comes to managing their IT, upgrade scheduling, or shared data storage, but when an update is rolled out by the host it is done to every company on the shared server environment, whether your property is prepared for it or not. Surprise updates such as these can potentially impact operations, or other aspects of your business.
“In general, hosted environments, whether multi tenanted or dedicated, reduce some of the operational load of your IT team in various ways, dependent on the level of interaction coming from your data partner,” Dehan said. “A fully managed implementation could absolve hoteliers from overseeing updates, watching alerts for threat monitoring, and more. These systems also give operators the benefit of accessing their systems from anywhere, often through and ideally via browser-based user interfaces.
“Every property’s needs are unique, but the PMS chosen must be able to support the hotel’s business goals,” he said. “The hosting environment for both PMS and guests’ data should provide operators with confidence through open and clear communication, vendor commitment and choice of options that best suit specific independent needs. Once hoteliers understand the hotel’s liability burden, they are free to focus on their mission of serving guests.”
# # #
About Maestro
Maestro is the preferred Web Browser based cloud and on-premises PMS solution for independent hotels, luxury resorts, conference centers, vacation rentals, and multi-property groups. Maestro’s PCI certified and EMV ready enterprise system offers a Web browser version (or Windows) complete with 20+ integrated modules on a single database, including mobile and contactless apps to support a digitalized guest journey as well as staff operations. Maestro’s sophisticated solutions empower operators to increase profitability, drive direct bookings, centralize operations, and engage guests with a personalized experience from booking to check out and everything in between. For over 40 years Maestro’s Diamond Plus Service has provided unparalleled 24/7 North American based
support and education services to keep hospitality groups productive and competitive. Click here for more information on Maestro. Click here to get your free PMS Buying guide.
- access
- Agreement
- All
- Allowing
- American
- antivirus
- Application
- apps
- Automated
- autonomous
- bbc
- BEST
- bluetooth
- browser
- business
- businesses
- Buying
- cases
- Cloud
- coming
- Communication
- company
- compliance
- Conference
- confidence
- confusion
- Connections
- credit
- Credit Cards
- data
- Data Center
- data security
- data storage
- Database
- deal
- Devices
- digital
- digital transactions
- Education
- empower
- ends
- Enterprise
- Environment
- Exchanges
- experience
- Facility
- Focus
- Free
- General
- Goals
- good
- great
- Guest
- guide
- Handling
- hospitality
- hosting
- hotel
- hotels
- housing
- How
- HTTPS
- image
- Impact
- Including
- Increase
- industry
- information
- Infrastructure
- interaction
- Internet
- investment
- IT
- IT Management
- keeping
- Key
- learning
- Level
- liability
- load
- local
- locally
- Machines
- management
- Market
- Mission
- Mobile
- monitoring
- neighbors
- network
- news
- North
- Offers
- online
- Ontario
- open
- Operations
- Option
- Options
- Other
- Others
- partner
- partners
- Partnership
- partnerships
- physical
- president
- profitability
- property
- puzzle
- range
- reduce
- Relationships
- rentals
- Requirements
- Roll
- rules
- Safety
- security
- Services
- serving
- Share
- shared
- Solutions
- Status
- stay
- storage
- store
- stores
- support
- surprise
- system
- Systems
- Technology
- third parties
- time
- Transactions
- Update
- Updates
- warren
- web
- web browser
- web server
- WHO
- windows
- within
- Work
- works
- years
