IT Toolkit Version 2 January 2012 Table of Contents Introduction: ..................................................................................................................................................... 3 Glossary of Terms ........................................................................................................................................ 5 Hotel Network Schematic:.......................................................................................................................... 8 Section 1 .......................................................................................................................................................... 8 Physical Cabling and Building Infrastructure .......................................................................................... 8 Section 2 .......................................................................................................................................................... 9 Local Network (LAN) set-up, Network Security and Naming Conventions........................................ 9 IHG Naming Convention............................................................................................................................ 9 Core Hotel Applications and inter connectivity: ................................................................................ 10 Section 3 ........................................................................................................................................................ 10 Your Hotel Network and how if connects to IHG Systems ................................................................. 10 Section 4 ........................................................................................................................................................ 11 Property Management Systems (PMS) Point of Sales Systems and IHG specific applications .. 11 Point of Sale .............................................................................................................................................. 11 System requirements ............................................................................................................................... 11 User access requirements....................................................................................................................... 11 Interfaces ................................................................................................................................................... 12 IHG Specific Applications. ....................................................................................................................... 12 Section 5 ........................................................................................................................................................ 13 Guest facing technologies and applications HSIA, TV, Telephone .................................................. 13 Recommended Telephony Vendors ...................................................................................................... 14 High Speed Internet Access (HSIA)....................................................................................................... 14 Door locking Systems .............................................................................................................................. 16 Section 6 ........................................................................................................................................................ 17 Hotel internal applications ....................................................................................................................... 17 E-Mail and Internet ............................................................................................................................... 17 Microsoft Licensing and Applications..................................................................................................... 18 Antivirus Software..................................................................................................................................... 18 1 Backup........................................................................................................................................................ 18 Section 7 ........................................................................................................................................................ 19 Best Practice Credit Card Data Security - advise for Hotels.............................................................. 19 Section 8 ........................................................................................................................................................ 20 IT Budgets and Preferred suppliers ....................................................................................................... 20 Section 9 ........................................................................................................................................................ 20 Legal requirements - Data Protection, Data Retention ....................................................................... 20 Section 10 ...................................................................................................................................................... 21 IHG IT Contact Details ............................................................................................................................. 21 2 Introduction: The IHG Owners Association EMEA IT Sub-Committee convenes four times a year and its mission is to increase owner/operator involvement in - and awareness of - IHG's Technology roadmap/strategy by providing franchisee direction. One of the objectives of the Committee for 2010 was the development of an IT Toolkit. The purpose of this Toolkit is to try to explain in plain English - and recommend how - an IT infrastructure should work within a hotel and to help hoteliers understand IT jargon, therefore helping them to understand their network and requirements better. We have broken information down into different sections and shown where information can be referenced. This document will hopefully act as a reference to terms and also direct you to where information will be found on Global Technology EMEA Team space that is currently in development, which will contain links to the relevant IHG documentation and departments. More detailed information can be found in the IHG IT Brief for each brand. A list of helpful numbers and email addresses can also be found in the final Section. This IHG Owners Association IT Toolbox document is managed by Timo E. Kettern – IT Director at Westbridge Europe and member of the IT Sub-Committee. This document is reviewed and updated twice a year in conjunction with the scheduled IT Sub-Committee Meetings. Please send your feedback or suggested changes to Timo.Kettern@owners.org This is the first revision of this document making it Version 2. Changes done are mainly to reflect the new logo and name of the IHG Owners Association. Timo E. Kettern, January 2012 3 Glossary of Terms: Section 1 Physical Cabling and building infrastructure Section 2 Local Network (LAN) set-up, Network Security and Naming Conventions Section 3 Your Hotel Network and how if connects to IHG Systems. Section 4 Property Management Systems (PMS) Point of Sales Systems and IHG specific applications Section 5 Guest facing technologies and applications, including:High Speed Internet Access (HSIA), TV, Telephone, Door locking, Minibar, Meeting Room Signage, Kiosks, Hotel Websites Section 6 Hotel Internal Applications:Email, Microsoft Licensing, Payroll, Accounting, Credit Card, CCTV, Backups Section 7 Best Practice ICT Maintenance (as per PCI-DSS regulations) Section 8 IT Budgets and preferred suppliers Section 9 Legal requirements:Data Protection Act, Data Retention, IHG Technology Contract Section 10 IHG IT contact details 4 Glossary of Terms Below are some terms you may come across in this document and a brief understanding of what they mean:• Active Directory This is an advanced hierarchical directory service that comes with Windows servers. In Active Directory, you can set up Network Users, look at all PCs and Servers that have been added to a Network. • CAL - Client Access License is a proprietary software license distributed by software companies such as Microsoft to allow clients (PC or Laptop Computer) to connect to its server software and use the software's services. • Coaxial Cable This is the cable that you will recognise from your domestic TV and usually delivers the TV signal from your aerial to your TV’s. Coaxial is a very robust cable and capable of delivering more than just TV signals, although most new hotel systems will use a single Cat. 5 cable to deliver all video and data signals to the room. You may be encouraged to install both by your M&E consultant, so check with your system suppliers before committing to additional expense. • DHCP - Dynamic Host Configuration Protocol is a function in software that automatically assigns temporary IP addresses to computers logging into a Network. This enables the PC’s or devices to communicate with each other on a Network. • DNS - Domain Name System is a system for converting host names and Domain Names into IP addresses on the Internet or on Local Area Networks that use the TCP/IP protocol, so that they can communicate. Each Website relates to a Host IP Address and DNS resolves from the name to the IP Address. • Domain Controller is a server on your Local Network that holds a directory database that manages user access to a Network, which includes logging on, authentication, and access to the network resources. • DSL Router / Modem this is the device that forwards packets of data from one network to another, i.e. from your local network to a remote computer or the Internet. 5 • Firewall This is the primary method for keeping a computer network secure from external intruders. A firewall allows - or blocks - traffic into and out of a private computer network. Firewall technology changes regularly and it is important to keep the software on your firewall up to date. Incompatible firewalls can be a common cause of network or internet access problems and is an important part of your network, do not opt for the cheapest option. • IP or Internet Protocol IP is the communications protocol (address) for accessing devices on the Internet, Wide Area Networks (WANs) and Local Area Networks (LANs). The Internet Protocol (IP) is part of the TCP/IP protocol suite, and the terms "IP network" and "TCP/IP network" are synonymous. All devices that connect to your PMS will have an IP address that can be accessed internally or externally. • ISP - Internet Service Provider Your Internet Access can be provided by your telephone provider or third party supplier. This can be in the form of an ADSL, DSL or lease line. Quality and capacity is cost dependent. • KVM Switch - Keyboard, Video, Mouse is a hardware device that allows a user to control multiple computers from a single keyboard, video monitor (screen) and mouse and is usually hosted within your comms room. • LAN - Local Area Network This is the collection of Personal Computers (PC’s) or Servers in your hotel or office that are connected together locally. This is normally done using Cable Infrastructure with (usually) Category 5E (Cat 5) Patch Leads (cables) to connect to Network Switches and Patch Panels. • Network Switch A network Switch is a device that joins a number of different computers together by being the point where the Network Cables or Patch Leads come together and Network. • PMS - Property Management System. this is the Software Program that controls and records your hotel inventory, bookings, accounts etc. Systems approved within IHG hotels are Opera and Brilliant. PoS - Point of Sale Systems. These are the devises used typically in hotel bars and restaurants to manage and record sales of Inventory. The software that manages these items connects to the Network using an IP address. Software is supplied by companies such as Micros, Brilliant POS, Regular Cash Registers and IPoS. 6 • SPAM SPAM is email that is unsolicited and hasn’t been requested, usually sent to advertise products and services. Spam may also be an acronym for "sales promotional advertising mail" or "simultaneously posted advertising message”. Good third party filters will help to eliminate SPAM and save you many man hours in reading unsolicited mail. • Server Is a computer on a Network that centrally stores computer programs that are used by more than one computer, such as your PMS. The Server also stores, accepts, requests and delivers data to computers and devices on a Network. There can be many different types of Servers but in a simple hotel environment there will be one main server that will process DHCP requests, resolve DNS, act as a Domain controller that will contain the active directory of users and computers on a Network. Additional Servers may host other services, including your telephone system. Different Servers may be hosted within the same box (Virtual Servers). Servers usually contain more than one hard disk, which constantly copy each other (Mirrored), thereby providing security of the data stored on their hard disks. Back Up devices, such as Tape Drives are connected to your Server to enable you to regularly Back Up and store your data away from the Server and Hotel. You should deploy a rigid and auditable Back-Up Procedure, which includes regular off-site storage of tapes. Alternatively, you could explore the option of On-Line Back-Up services, which constantly Mirror your Data externally. • UPS - Uninterrupted Power Supply Is another name for a large back up battery which protects your networks and servers from power spikes and short-term power failures. It is not intended as a long-term power source. Your UPS will need regular maintenance and testing to ensure that the battery life does not fail when you most need it. • VoIP - Voice over Internet Protocol Is a digital telephone service that uses the Internet and private computer networks to make and receive telephone calls without the need for a telephone line or internal telephone exchange (PBX). Support for the Public Switched Telephone Network (PSTN) is also provided so that VoIP calls can originate and terminate from regular telephones. This a very cost efficient way of making and receiving phone calls and is the future of fixed line telephony, popular carriers such as SKYPE use VoIP. • WAN - Wide Area Network WAN is the internet or a computer network outside your own Local Network. Remember, you can always use Google.com or Wikipedia.org to find out the meaning of unknown TLA’s (Three Letter Acronyms) or other IT terms! 7 Hotel Network Schematic: Section 1 Physical Cabling and Building Infrastructure In a hotel your Comms Room or IT room should be the heart of the IT infrastructure – unless you are hosting your servers externally or ‘above property’. It is here that your internet connections should be placed and all IT infrastructure and equipment should be located. The Comms room itself is also where your entire internal cabling infrastructure should terminate. Category 5E or Category 6 cabling should be the minimum standard deployed Cat 6 for the backbone (between floors) and Cat 5 to the rooms. The future option is Fibre Optic cabling, which is very expensive, but will eventually be required to carry the levels of data required to the rooms. In larger hotels there may be more than one Comms room and these should be linked via a Fibre Optic link. By having this infrastructure in place, your hotel should be future proofed as most new technologies will be able to work off this backbone. Typically equipment housed in the Comms Room would be your Telephone System, Comms Cabinets that contain your Patch Panels (Behind which all your Cables terminate and should be clearly marked), Network Switches, KVM Switches, Routers, Firewalls, Servers and Interface Equipment. A full technical breakdown on what is required for your hotel can be found in the IHG reference document, New Hotel Openings Program. Items included in this will be the location, construction, electrical supply, fire prevention and suppression and temperature control. Contact gtemea@ihg.com for full documentation. 8 Section 2 Local Network (LAN) set-up, Network Security and Naming Conventions Your local Network or (LAN) is what connects all the computers in your network together. To understand this, your LAN starts with your DSL line or broadband connection. This is usually supplied to you by your telephone provider in most cases and they normally will supply you with a Router to access the Internet. The router essentially connects your network to the outside world thought internet access. In order to protect your network from intrusion, a Firewall should be placed in between your LAN and the WAN network. Once a firewall is in place it will help protect your network from hacking and Viruses that are common on the internet. If you need access to your network, your firewall can allow this by having rules and policies in place to allow remote access for allowed users. If you have more than one site, or you have a lot of remote workers such as sales agents VPN (Virtual Private Network) Tunnels allow each site to connect to each other. If you have shared services, VPN Clients can be set up that enable a secure remote connection to your network. As internet has become the most important part of the Hotels IT infrastructure, you should always invest in failover ADSL/Internet lines. While installing the primary and secondary lines, you should make sure both service providers are different and their equipment is installed in different exchanges or at least different parts of the same exchange. This enhances resilience; if the entire telephone exchange fails it is quite likely that all internet connections supplied by that exchange will have problems. If both connections are from different exchanges, the second internet connection will keep your operations going smoothly. If the equipment of the ISP is installed in different locations in the same exchange that also enhances resilience; if “Part A” of the Exchange is affected you could still have internet through Part B. You should also invest in enhanced cover for these DSL lines which guarantee a 4 Hour response time otherwise you could come across delayed response times during the weekends and public holidays. It is also advisable to source a minimum of 8 static IP addresses with the internet lines, as a lot of people need to access to the system. e.g: CCTV Systems etc. Investments should also be made at the firewall level for content filtering. Access to porn, spam, spoofing, etc. should be blocked and firewall logs should be checked on daily/weekly basis. IHG Naming Convention IHG have particular requirements with regard to naming conventions and IP addresses. When you sign up with IHG they will supply you with a WAN connection for use with their individual systems and also issue you with an IP range that will be separate to your organization. This connection with IHG enables a 2-way interface between the hotel’s Property Management System and Holidex® Plus central reservations system, as well as direct screen based access to Holidex®. On an IHG Network the Holidex Router will always be on an x.x.x.1 IP Address, Local Firewall will be on x.x.x.3, the main Server will be x.x.x.12. A full list of the specific IP range is available by referencing the IHG IP reference document. A separate internet connection will be required for the hotels Internet requirements. This can be shared with a hotels guest internet access, however, they must be separated by use of a firewall or similar device in order to protect your Local Network. 9 A sample Diagram of a simple Hotel network and IHG naming convention can be requested from the IHG IT Department at gtemea@ihg.com. Core Hotel Applications and inter connectivity: Section 3 Your Hotel Network and how if connects to IHG Systems There are two aspects to a Computer Network, The internal Network (LAN) and the External Network (WAN) if you consider that your Network starts at the wall with an Internet Connection this is your link to the outside world. Your internet connectivity is generally delivered with a telephone line or a wireless broadband link. This link is then connected to a DSL Router. This Router can then connect a computer or device to the Internet. In a secure Network, at this point, a Firewall should be used to prevent Intrusion to your Network or to allow secure connection to your Network. In this scenario this Firewall can also become your Gateway for Internet Access. In order for all devices on a network to communicate, a process called DHCP is used. This gives is an IP Address on the same range or scope on a network. DHCP can be delivered via a router, a Firewall or - for best practice - by a dedicated Server. This computer network joined together by a series of Cables and Switches that link all the devices on the network together, would be Routers, Firewall, Servers, Desktop Computers, Laptop Computers, Printers, Scanners and Backup devices. Other items can also be CCTV. When Choosing Hardware, it is important to user reputable suppliers that will be able to give support and service going forward and also easy parts availability. For that reason, HP and Dell 10 Appliances are recommended as both come with very good support programs. Most of these companies offer Next Day On-Site support service. This is important, as your IT support company may not cover hardware failures. 4 hour on-site support service should also be acquired for Servers, which helps in cases of hardware failure. In an IHG hotel Environment the setup is a little different than a normal Network. Because of the Hotel connection to Holidex there are some considerations to be made. Each IHG hotel has a Router that is specific to connect to IHG systems. In order to do this, entries need to be made to instruct your Firewall to divert Holidex traffic to a specific Router (the IHG provided Holidex router).These entries or Network Routings need to be created on a Firewall or as a separate DNS entry on a Server. If you try and connect to Holidex, the connection will look to find an IP address. Because Holidex is a private secure Network, normal WAN DNS servers will not be able to resolve the addresses. As such, before the Traffic hits the WAN, it needs to be told to divert to the Holidex Router and then this will allow the connection to be made. Once these entries are there, all Holidex, and IHG bound traffic will take the right route. Section 4 Property Management Systems (PMS) Point of Sales Systems and IHG specific applications IHG and IHG OWNERS ASSOCIATION recommend the use of 2 PMS Systems, Opera PMS from Micros Fidelio and Brilliant PMS from Brilliant Hotel Software. These systems are the only Property Management Systems that are certified to use the Holidex 2 way interface in the EMEA region. The 2-way Holidex interface will become a mandatory requirement from January 2012 for existing hotels. New hotels require the 2-way interface from the outset. The 2 Way Interface allows reservations to flow seamlessly from Holidex Plus to the PMS, and changes made in the PMS to flow directly to Holidex Plus. The interface automatically updates the PMS system with a reservation, therefore providing real-time hotel inventory. It also reduces typing errors in re-keying the information and reduces the workload of the reservationists and enables integration with IHG’s own Revenue Management System PERFORM. IHG Guest Satisfaction tracking tool HeartBeat and the IHG CRM tool MAGIC also requires the 2-way interface. Point of Sale IHG hotels will operate a Point of Sales system (POS) that conforms to IHG requirements. The POS system ideally interfaces with the chosen PMS and complies with accepted operational standards such as PCI-DSS. System requirements • Ensure that the systems are flexible and easy to use, and provide multilevel menus and pricing.• Must comply with Payment Card Industry Data Security Standards (PCI - DSS). • Point of Sale stations will comprise service stations for taking orders and each restaurant outlet and bar will have one cashier station. • At least one printer will be required in each kitchen to enable the printing out of orders in preparation areas. User access requirements • The system will only allow user access with a valid unique user ID and password. • Passwords must be changed on a regular basis as per current IHG Global Technology guidelines. • User access must be designed so to only allow access to parts of the system necessary for the user's role. 11 Interfaces To the PMS for:• Posting to guest folio • Check in/out to open and close account • Card Authorisation System (where available) • Process transaction requests • Receive transaction authorisation • Reconciliation IHG Specific Applications. Perform. PERFORM is the platform, or suite of products that houses the revenue system HIRO. The main modules within PERFORM are: HIRO which is designed to help with the tactical decision making process of Revenue Management at the Hotels. The primary goal of HIRO is to maximise Room Revenue through rate and length of stay. HIRO accomplishes this by making tactical decisions of which reservations to accept and which to deny based on its forecast. HIRO is customised to each individual Hotel, and is based on a system forecast from historical and current data from the CRS (Holidex). Price Scan is a graphical representation of the Pricing Strategies that are in place within the hotels. It helps each hotel maintain a rational pricing structure, though it does not set the Hotels’ prices. Group Evaluator is an optional add-on product, which uses displacement analysis to evaluate "break even" rates that Meetings/Ad hoc Groups should be quoted. Hotels with sizeable business in the above segments can sign up for the 2 day workshops currently priced at Euro 399/pax. Hotels that should use PERFORM are hotels with a 2 way interface to Holidex Plus, preferably with at least a 12 month history, a business mix of at least 60% individual as opposed to Group/Crew mix, and hotels with an average year round occupancy of 70% and above. Merlin Merlin is IHG’s Intranet System which is the internal website for all IHG colleagues. It contains general information, online training modules and document libraries as well as brand standard information and links to other IHG specific applications. To obtain access to Merlin, please visit www.ihgmerlin.com, contact your Hotel Performance Director or contact gtemea@ihg.com. Magic Magic is IHG’s next-generation loyalty database that is specifically designed to market to target customers. It also required the 2-way interface to Holidex to function. To get full benefit from Magic, hotels should record guest email addresses in the PMS. Magic allows the hotels to create and monitor online direct marketing initiatives (e,g. mail shots). Magic also is the source of IHG’s loyalty program Priority Club Rewards. 12 Section 5 Guest facing technologies and applications HSIA, TV, Telephone Although the bedroom guest phone is mostly used for internal communication (e.g. ordering roomservice) it is still an important health and safety requirement for the guest while staying in the hotel. All bedrooms require at least one telephone connected to the hotels main PABX, which can be hosted locally, or externally and deployed through your internet line using Voice over Internet Protocol (VoIP). Various technologies are available and can be deployed. The feature functionality of the hotel telephone system is important to the property's high standards of guest service and administrative productivity. The telephone system provides a link to the outside world for guests and staff and therefore should comply with the following minimum standards:. • The hotel telephone system will be an IP system, Digital system or hybrid IP/digital system, be approved for use under local law and comply with all relevant local regulations. In Holiday Inn Express, analogue handsets are advised as a cost effective and efficient option. • The system will be able to provide direct connections to analogue, digital (and SIP [Session Initiation Protocol] trunk if IP or Hybrid) facilities as well as alternate routing facilities. • The system will be able to accept answer supervision signals from the providing carrier (if available from the public network operator) and use this information to produce and pass accurately timed completed calls to the Call Accounting System. • Redundancy for any part of the system whose failure could cause total outage of a system function or cause loss of billing will be included, so that automatic switching will occur to an appropriate backup system in the event of failure of the primary system, all without loss of service or billing. • The system will be supported by an Uninterrupted Power Supply (UPS) and connected to the emergency power supply of the hotel. • The PBX, Voicemail and Call Accounting systems should be interfaced to the PMS system. This will usually be managed by your PMS provider, ensure that your telephone system is compatible with the PMS before ordering. • Calling Party Name Display (CND) can be available on all phones in guest facing front of house and back of house areas so that the name, room number and related information (such as status code, language designation) of the calling parties can be displayed. • The CND information will be automatically updated over the interface from the hotels Property Management System (PMS). • Your PBX should be able to accommodate Least Cost Routing (LCR), enabling you to direct your call traffic through the cheapest channel depending on destination of the call. Please reference the available IHG documentations for further details. IHG and the IHG Owners Association are in the process of evaluating and specifying a new standard for Hotel Telephone Systems. 13 Recommended Telephony Vendors IHG have strategic suppliers for PBX, Call Accounting Systems and Voicemail. Also other vendors can be considered when adhering to the standards. Details can be sourced from your IHG contact or by contacting gtemea@ihg.com High Speed Internet Access (HSIA) HSIA is a Brand Standard in IHG hotels. With the deployment of internet services into the home and corporate environments, the guest is requiring the same technology, ease of use and speed, to stay connected to their world when they visit a hotel. Guests’ behaviour has changed dramatically over the past years and they now want to use the hotels network for many things including downloads of music or video, voice calls using technologies such as Skype and access to corporate networks using Virtual Private Networks (VPNs). The next generation HSIA networks needs to support all of these things and at the same time ensure that capacity can be managed and costs of providing the service can be controlled. Vendors that provide HSIA services for hotels need to have ‘head end’ equipment (technology that sits in the communications room that links to the PMS and controls access and billing) that supports tiered usage, so that hotels have the ability to charge for the capacity consumed. You may wish to offer free internet access for low internet usage, such as email and web browsing, giving you the ability to charge for high usage such as streaming video. A number of vendors have this technology available. The chosen HSIA solution should comply with the IHG requirements and standards. New Brand Standard (Existing hotels): All hotels’ HSIA solution must support flexible tiered services and billing. Specifically, a property’s HSIA solution must be capable of providing multiple purchase options to guests and visitors, including at least one of the following:• • • Bandwidth Capped Services (tiers are differentiated by speed and volume of data provided). Protocol Limited Services (tiers are differentiated by services allowed, such as browsing, email, VPN, streaming etc.) Time Limited Services (tiers are differentiated by usage time). Guideline: To provide future flexibility, it is recommended that the HSIA solution supports a combination of Bandwidth Capped and Time Limited services. 14 New Brand Standard (New hotels and contract renewals): All new installations and contract renewals must support, as a minimum, both Bandwidth Capped and Time Limited services. Compliance Date: 30th June 2011 • Provide access via a wired Ethernet and/or wireless (WiFi) connection • Provide a tiered service • Provide the ability to bundle premium HSIA access with In-Room Entertainment premium services. (Typically fed from the In-Room Entertainment System). • When a guest purchases premium HSIA access, this must provide them with access via both wired and wireless connections (not simultaneously) and allow the guest to switch between the two access methods without further payment. In addition it is an IHG brand standard that the hotel provides wireless connectivity for guests via the HSIA network. The property’s WIFI network must comply with the following requirements: • The wireless network must support a minimum of both IEEE 802.11b and 802.11g wireless protocols. 802.11n is the current protocol, capable of delivering data at up to 600Mb/s. All systems are backwardly compatible. • The wireless network must provide full building coverage. All guest public areas, including the hub kitchen, lobby, laundry, etc., guest rooms and back office areas must receive sufficient signal strength to support voice data without distortion. A greater intensity of Wireless Access Points will be required in a hotel constructed of pre-cast concrete panels. • The wireless network must extend outside of the building to cover outside guest public areas (e.g. the terrace). • The chosen vendor should support the use of the WIFI network for guest HSIA, back office data and VOIP, configured appropriately using three distinct Service Set Identifiers (Skids). The wireless network must be fully meshed so that staff (and guests if appropriate) can roam around the property and remain connected. • All wireless access points must be able to support multiple simultaneous networks (multiple Skids) with both unencrypted connections for guests and encrypted connections for back office and telephony networks. • All wireless access points must be enterprise class equipment and should be wall or ceiling mounted and hidden (usually above suspended ceilings) wherever possible. • The back office wireless voice network must, as a minimum, hide its Service Set Identifier (SSID) and use an appropriate level of encryption supported by the handsets. • It is advisable to use a separate HSIA connection for office use. • All wireless access points must be password protected and only accessible through a Secure Sockets Layer (SSL) connection. • The property’s HSIA connection must meet the following requirements:The minimum downstream bandwidth required for HSIA is either 4096Kbps or the figure determined by the formula below - whichever is greater. 15 HSIA Bandwidth (Kbps) = Number of Guest Rooms x 55Kbps Some examples: For a 200 Bedroom property a minimum bandwidth of 11Mbps must be purchased: 200 rooms x 55Kbps =11000Kbps, which is greater than the minimum of 4096Kbps. The bandwidth to the guest will depend on many factors, including:• The number of guests sharing the Internet connection and the demands from their client machines • The bandwidth allocated to them, if there is a 'tiered' service in operation • The number of guests sharing a Wireless Access Point The HSIA connection to the Internet must be secured by an enterprise class firewall. This firewall must: • Be remotely managed and supported by the property’s HSIA vendor. • Be capable of recording access and security logs. • Provide automatic high availability failover. • Be password protected and accessible only via SSL and Secure Shell (SSH). • Provide enough Ethernet interfaces or VLAN support to provide Internet access to all of the property’s LAN’s (excluding the back office LAN). The Owners Association recommends deploying Wireless Guest Internet Access in the public areas and both wired and wireless bedrooms and meeting rooms. Some companies – especially finance companies - still insist on their people only accessing networks via cabled access. Door locking Systems The Electronic Door Locking System must be interfaced to the Hotel PMS to speed up the check-in process and to avoid errors when creating key cards at Front-Office. It is worth investing in more than one key cutting machine. The electronic lock system must have the following safety features/capabilities:• Emergency override • Power down backup system • Audit/interrogation feature • Anti-panic feature • Anti-theft feature • Re-key at each rental, voiding all previous keys • Emergency access must be by a key that retracts both dead and latch bolts. When the dead bolt is in a projected position, all keys except the emergency keys must be inoperable. The most common cause of complaint from guests against these systems is caused by failure of the batteries built into the locks, or incorrect settings of the clocks built into the door locks, regular maintenance is therefore essential. Other issues include magnetic interference - caused by mobile telephones or similar devices - erasing the memory from the key card. • 16 Section 6 Hotel internal applications E-Mail and Internet To understand how E-mail works, let’s start at the Beginning. This starts with the registration of a Website, otherwise known as a URL (Uniform Resource Locator) or Domain Name. For example, if you are opening a Holiday Inn, you will want to register the website domain name www.hiexample.com before doing this, please check with IHG, as there are strict rules governing the domain names which can be used to market an IHG branded hotel. The registration should be done by your system support company through domain hosts like www.godaddy.com or www.1and1.com. When you do this, you can then configure the records to point to certain sites, for example the host www might point to the IHG Official Website, the FTP (File Transfer Protocol) might point to your server. When buying URL’s purchase all examples which are relevant to your business, i.e. .co.uk .eu .info etc. you can always point these addresses to your main web site. There are difference ways that email can be hosted, a third party can host for you, you may decide to host yourself with an Exchange or Small Business Server, or you may decide to host in the cloud with Microsoft or Google on-line Services. Whichever method you chose, emails need to be pointed toward the relevant server. This is done by the configuration of MX records on the Website DNS site. There are various ways that email can be collected:• POP3 or IMAP ( In Affect Downloading from an external Server). • Exchange Server, which is normally hosted in house and allows mailboxes to synchronise with the Exchange Server and the Mailboxes are brought down from their server (This can be done on Multiple Computers or Devices) The server acts as the principle source of data. • Microsoft BPOS – this is the latest offering from Microsoft, which means your email is hosted by Microsoft, however you have most of the functionally of Microsoft Exchange. Microsoft advertises this product as having a 99.9% uptime. It really doesn’t matter which type of email service you use, but the most important element is for your email to be scanned for spam/indecent images and viruses before it arrives in users’ mailboxes. Strict mailbox policies should be implemented otherwise it could get completely out of control. There are no cheap options for peace of mind scanning services, look at www.messagelabs.com. A proper email archiving policy should also be implemented and users/staff should be educated on proper and fair usage policy. Maximum send/receive message size limits should also be imposed. These things will help you streamline your IT operations. When choosing email addresses for your team, try and keep them generic, i.e. gm@hiexample.com this makes it easier for people to move within your organisation without the need to confuse your guests and other contacts. 17 Microsoft Licensing and Applications Microsoft Licensing is a key component in your Network and is a legal requirement that has serious financial penalties if licensing is conformed to. There are different types of licenses you need to consider. • • • Server CALs (Client Access Licence). i.e. if your network has 20 Devices, you require 20 Server CALs Exchange Cal’s, if your network has 20 Exchange users, you require 20 Exchange CALs. Office Applications – Generally OEM (Original Equipment Manufacturer) bought with the original computers. The most popular type of licensing is OEM (Original Equipment Manufacturer) and is the easiest to manage, as each license belongs to each machine, however when the machine dies the license dies with it. These are available for the computer’s Operating Systems and Microsoft Office. Another option is Volume Licensing, which serves the needs of organisations that acquire five or more licenses but do not need multiple copies of the media and the documentation and do not want to keep track of numerous individual license agreements. Volume Licensing offers the potential for substantial savings, ease of deployment, flexible acquisition, varied payment options and other benefits such as on-going maintenance. However there is an on-going cost for this each year. One of the benefits is that you are entitled to software upgrades, i.e. Office 2007 – 2010 when available. Microsoft’s new Cloud environment Office365, offers extremely flexible licencing options tailored to the user and payable monthly, i.e. if a member of housekeeping only needs to use email, then that is what you pay for, whilst the GM may need access to all Office products. This service is in its infancy, but will develop over the coming years. It makes life very easy for the SME market, without the need to invest in expensive infrastructure and constantly updating software. Antivirus Software It is critical that antivirus software should is installed on every server, desktop or laptop within a Network. Typically the cost of the Software is €25 per workstation per annum. Also a Spam Filter should be used to filter potential threats from emails coming into your organisation. There are a number of different Anti-Virus Solutions available like McAfee, Symantec, and Norton to name but a few. When choosing an Antivirus Package, one consideration is that it can be centrally deployed and monitored. Also updates to latest versions should be automatic on a daily basis. Backup All critical hotel systems must be backed up on a daily basis. Backup and restoration systems and procedures may be included in some of the solutions deployed by the vendors. As for those systems where the hotel will be responsible for providing backup, such as the PMS, sales & catering, POS, materials control, etc. it is recommended that a sophisticated backup device and software is used for this purpose that allows the backup of several servers as well as the restoration of those. IHG recommends Backup Exec from Veritas. Other alternatives are a Constant Data Protection Device from Sonicwall. With the development of faster internet access, on-line off-site back-up solutions are becoming more feasible. This offers real time mirroring of your data. 18 A restore test of the backups should be done once a month to verify that lost data can be successfully recovered. We strongly recommend that all hotels have a Disaster Recovery Plan that deals with how the hotel would be brought up to operational level again after a major IT crash at the hotel. These plans should consider how to work the hotel ‘manually’ (ie without any IT systems) while the recovery is going on. Section 7 Best Practice Credit Card Data Security - advise for Hotels • Build and Maintain a Secure Network Requirement 1: Install and maintain a firewall configuration to protect cardholder data Requirement 2: Do not use vendor-supplied defaults for system passwords and other security Parameters • Protect Cardholder Data Requirement 3: Protect stored cardholder data Requirement 4: Encrypt transmission of cardholder data across open, public networks • Maintain a Vulnerability Management Program Requirement 5: Use and regularly update anti-virus software Requirement 6: Develop and maintain secure systems and applications • Implement Strong Access Control Measures Requirement 7: Restrict access to cardholder data by business need-to-know Requirement 8: Assign a unique ID to each person with computer access Requirement 9: Restrict physical access to cardholder data • Regularly Monitor and Test Networks Requirement 10: Track and monitor all access to network resources and cardholder data Requirement 11: Regularly test security systems and processes • Maintain an Information Security Policy Requirement 12: Maintain a policy that addresses information security 19 Section 8 IT Budgets and Preferred suppliers Each hotel is different and requires individual consultancy within the IT Budget. IHG provide information guidance on IT Budgets as part of their New Hotel Opening. Items to consider in your IT Budget are:• • • • • • • • • • • • • • • PMS/POS maintenance. Anti-Virus software for all PC’s and servers. Firewall Security Suites. Contingency for any replacement of hardware. Licensing costs for Microsoft and other software providers if you are not using OEM licensing. Also include Server CAL’s, Exchange CAL’s and Microsoft Office applications. Holidex Connectivity Costs Internet Access connectivity costs. Guest WIFI Support and costs associated. Remote Backup costs - if applicable Telephone Maintenance Costs. CRM cost, Salesforce, Delphi Etc. Accounts Software Maintenance Payroll Software Maintenance Local Network Support company cost. Internal or outsourced IT Manager Further information can be obtained from IHG’s IT Department Lists of preferred suppliers for PMS, POS, HSIA, In-room entertainment etc. can be obtained from IHG’s IT department. Section 9 Legal requirements - Data Protection, Data Retention All local laws dealing with data retention, data storage and data protection need to be adhered to. Consult with the IHG Hotel Performance Support Director on the requirements of the area where your hotel is based. Ensure that the chosen network set-up and the chosen applications and their configurations conform, and are in line, with local legislation. Be aware that the regulations around allowed monitoring and logging of guest and staff activities while using the hotels IT Systems vary greatly from country to country. Local laws need to be treated with higher priority and importance than any other standard. 20 Section 10 IHG IT Contact Details Contact details of specialists for all IHG systems (PMS Holidex, Merlin etc.) Central IT Contact sheet Hotel staff should have a Contact sheet with details of all system providers. The support sheet should have normal and out of hours numbers of all suppliers and it should be available to the whole team. Global Technology EMEA who to contact? To initiate a new project or to book GT EMEA resource E-mail emeait.projects@ihg.com To raise a support escalation Call +44 (0) 870 6061300 For updates about your project E-mail emeait.projects@ihg.com To ask for general technology advice E-mail technology.solutions@ihg.com To request business analysis from our hospitality tech experts E-mail business.services@ihg.com For help getting a vendor quotation checked E-mail emeait.projects@ihg.com To tell us about a new vendor you’re using in your hotel E-mail technology.solutions@ihg.com To get news about new technology coming E-mail technology.solutions@ihg.com Follow twitter.com/tsg_gtemea on Twitter – click on “send request” For anything else, general queries and to find the right expert E-mail gtemea@ihg.com 21 IHG Owners Association Technology News can be found at: www.owners.org 22