Hospitality and Resort Industry Identity Management and SSO

Hospitality and Resort Industry Identity Management and SSO

What does a resort guest want from their experience on an emotional level? For many guests, it comes down to rest and relaxation. That means getting a break from the stresses of everyday living. Creating that experience requires a combination of hospitality services and amenities, such as clean and spacious rooms, pools, beaches, restaurants and recreational facilities. Most hospitality managers are already doing well in those areas. There’s just one missing ingredient for your guests to truly relax and have a relaxing time — security.

If a guest or employee feels threatened or insecure, they will not have a positive experience. Simply put, security is a fundamental human need. That’s why managers need to implement a security policy that puts everyone at ease. Fortunately, most resorts already have security policies in place. However, they do not have a way to measure these policies and determine if they are effective. To help you address that concern, follow this four-step process.

Evaluating Resort Security Processes
No resort manager wants to face the nightmare of a security incident. One negative media story — or a handful of negative reviews on Trip Advisor — can sink your performance overnight. To prevent that situation, use these steps to evaluate the maturity of your security process. Cornell University research found that higher online reviews tend to increase room revenue. Make sure your guests feel safe so they are more likely to write positive reviews.

1. Put Your Staff to the Test
Let’s assume you have a security training program in place for your resort’s employees. In many organizations, security training is provided when an employee is hired. In some industries like banking, there is an annual security training process. We recommend a simple online security test of 10 to 15 multiple choice questions on your organization’s security policies and procedures. Set 80% as the passing grade for the test.

Tip: Focus your test questions on the most important security processes. For example, if your identity management process requires everyone to use a key card to access sensitive areas, put a question on that point. Avoid asking highly technical security questions, because these are unlikely to give you helpful information.

2. Evaluate Physical Security Processes
In the hospitality industry, you face the challenge of new people arriving on your property every week. Your facility could be secure one week and less secure the next week if staff neglect key processes. To evaluate physical security, audit key cards, traditional keys, and physical security records.

Tip: Do third-party service providers (e.g. HVAC maintenance) regularly access your property? Make sure their physical security access is evaluated as part of your review. The 2013 security incident at Target — which exposed data from millions of customers — was traced to “the stealing of network credentials from a third-party HVAC vendor.”

3. Check Security Documentation and Records
Unless you have detailed records on your security, it is difficult to know if your programs are effective. Keeping detailed security records is also helpful in case your resort is asked to provide evidence to an insurance investigation, audit, or other external review. Any gaps in your security documentation — even if they are entirely innocent in your mind — are likely to prompt uncomfortable questions.

Resource: Instead of keeping manual logbooks and spreadsheets, consider using an identity management solution like Avatier. The Compliance Auditor makes it easy to quickly review employee security access so you can see who is certified and who is not certified. You can create profiles for each employee type (e.g. restaurant staff, pool staff, room staff) to simplify the security process.

4. Evaluate Your Security Automation Maturity
How much time do managers spend each week and each month on security administration? For managers with a large workforce, the time quickly adds up to hours. There are two ways to evaluate your security automation level. First, ask your IT and security managers which tools and processes are in place to manage security. Second, conduct a survey of your managers to ask them how much time security activities take to administer. With these answers in hand, you can evaluate the organization’s security level.

Further Reading
For additional insight on the studies and examples referenced in this article, please consult the articles below.

Written by Nelson Cicchitto