hospitality information systems and technology back office systems systems security &...
TRANSCRIPT
Hospitality Information Hospitality Information Systems and Systems and TechnologyTechnology
Back Office SystemsBack Office Systems
Systems Security & Systems Security & MaintenanceMaintenance
DowntimeDowntime
Back Office systemsBack Office systems
Generally consists of four typesGenerally consists of four types• Payroll/personnel systemsPayroll/personnel systems• Accounting systemsAccounting systems• Marketing systemsMarketing systems• Executive Information SystemsExecutive Information Systems
Payroll/Personnel SystemsPayroll/Personnel Systems
Usually starts with an electronic time Usually starts with an electronic time clockclock
Time clocks now allow easier Time clocks now allow easier transferring between departmentstransferring between departments
Have multiple ratesHave multiple rates Allow for instantaneous reporting of Allow for instantaneous reporting of
wageswages
Up to date reporting is importantUp to date reporting is important
Full service hotels generally spend 32% to Full service hotels generally spend 32% to 36% of revenue on direct labor36% of revenue on direct labor
Just reducing labor is not the answerJust reducing labor is not the answer Managing labor to make sure an Managing labor to make sure an
organization has the right amount on hand organization has the right amount on hand to provide the necessary level of serviceto provide the necessary level of service
Labor is often viewed purely from a cost Labor is often viewed purely from a cost standpoint – which can have negative standpoint – which can have negative impacts on guest satisfactionimpacts on guest satisfaction
Use Your ToolsUse Your Tools
Design a broader approach taking Design a broader approach taking into account these key areas of into account these key areas of impactimpact• Guest service levels and guest Guest service levels and guest
satisfactionsatisfaction• Internal service levelsInternal service levels• Employee satisfaction and retentionEmployee satisfaction and retention
Determine Your Objectives Up Determine Your Objectives Up FrontFront
Focus on:Focus on:• Cost reduction expectationsCost reduction expectations• Integration of service standardsIntegration of service standards• Impact on employee satisfaction / Impact on employee satisfaction /
retentionretention
Keep in mind the Keep in mind the following factors:following factors:
Executive sponsorship and supportExecutive sponsorship and support Review labor cost figures continually on a Review labor cost figures continually on a
departmental and classification basisdepartmental and classification basis Departmental benchmarkingDepartmental benchmarking Skill assessments and effective trainingSkill assessments and effective training It’s good for the employees – let them It’s good for the employees – let them
know itknow it Do it nowDo it now
Key to effective labor Key to effective labor management through uses management through uses of technologyof technology
Eliminates unnecessary work through Eliminates unnecessary work through processesprocesses
Helps organizational structures find Helps organizational structures find opportunities to improve effectivenessopportunities to improve effectiveness
Sets and monitors labor standardsSets and monitors labor standards Assists in forecasting & schedulingAssists in forecasting & scheduling Helps in analyzing dataHelps in analyzing data
Accounting SystemsAccounting Systems
The back bone of financial reportsThe back bone of financial reports Usually contains:Usually contains:
General ledgerGeneral ledger Statement of operationsStatement of operations Departmental statementsDepartmental statements Balance sheetsBalance sheets Accounts receivableAccounts receivable Accounts payableAccounts payable
Marketing SystemsMarketing Systems
Sales & Catering SystemsSales & Catering Systems Internet / Web SitesInternet / Web Sites
Executive Information Executive Information SystemsSystems
Gives management the ability to turn large Gives management the ability to turn large amounts of operating statistics & property data amounts of operating statistics & property data transactions into consolidated informationtransactions into consolidated information
Quick overviews for better, timely decisionsQuick overviews for better, timely decisions Can be important as revenue management, Can be important as revenue management,
guest satisfaction and properly targeted CRM guest satisfaction and properly targeted CRM marketing campaignsmarketing campaigns
Types of ReportsTypes of Reports
Daily Revenue ReportsDaily Revenue Reports ForecastingForecasting Payroll ManagementPayroll Management Consolidated ReportingConsolidated Reporting
Some Topics to Address in an EIS Some Topics to Address in an EIS SystemSystem
Infrastructure neededInfrastructure needed What level of approval and ROI is What level of approval and ROI is
needed to get the project rollingneeded to get the project rolling Any new emerging technology?Any new emerging technology? Maintaining your competitive Maintaining your competitive
advantageadvantage
InfrastructureInfrastructure
The best systems are built from the The best systems are built from the ground upground up
Connect all systems together – PMS, Connect all systems together – PMS, POS, CRS, GDS, Sales & Catering, POS, CRS, GDS, Sales & Catering, PayrollPayroll
Making a More Efficient ManagerMaking a More Efficient Manager
Instant access to dataInstant access to data• Yesterdays payroll costsYesterdays payroll costs• Bookings by market segmentBookings by market segment• ForecastingForecasting• Average check trendsAverage check trends
What ROI might you expect?What ROI might you expect?
PayrollPayroll AutomationAutomation Productivity enhancementsProductivity enhancements Forecasting and budgeting processForecasting and budgeting process
Systems Security & Maintenance
Detailed guest and operational statistics are among the most valuable of any property’s assets
Computer data is much more comprehensive than manual data, but can be much more vulnerable
Dangers to All Types of Data
Dangers to electronic data– Physical dangers
Fire, flood, etc.
– Additional dangers Flexibility and interconnections open databases up to
more outside threats, either deliberate or random Need to reach a happy medium in security &
functionality
“ The only completely secure system has no inputs or
outputs, is encased in concrete, and lies at the bottom of the
sea”
Real world systems interact with the outside world
Human Fallibility
The weakest link in system security– Software is written by people– Data entry errors– Dishonesty
Environmental
Situations or events that threaten the structure of the system– Fire– Flood– Wind– Rain– Power losses– Loss of network connections
Protections Against Environmental Concerns
Fire – basic physical security. Smoke detectors, fire suppression systems
Floods/Water Damage – Locate the computer room away from outside walls or in the basement. Install double ceilings.
Power failures – UPS, backup generators, dedicated power circuits, line conditioners, surge protectors
Protections Against Environmental Concerns
Network communications – include a secondary means of communication
Practice – learn to run on a manual system
Protections Against Electronic Concerns
Outside attacks from hackers or viruses receive the most publicity
Most successful attacks are “in house” by someone exploiting holes in standard software, or taking advantage of “wide open” PC’s and servers
It is important to keep up to date on software developments and
should be a vital part of any property’s system maintenance
plan
Security in Everyone’s Responsibility
Security is not just the system administrators job
Even with the most current updates, anti-virus software & PC browsers set to identify risky attachments, all users must be trained to be aware & exercise good judgment about security risks.
Anti-virus software
Install it and use it! Update files should downloaded regularly Every two weeks is not too often Updates should be distributed to all
workstations via sign on scripts
Hoax Viruses
Chain letter type e-mail Do not contain damaging codes Like regular chain mail, clogs up the system
by urging the recipient to keep passing it on
Firewalls
A separate device or a software program (or both) that separates the property network and the Internet
Restricts the types of messages sent in and out, and/or restricts access to certain web sites based on pre set parameters
Can mask the availability of com ports on the server & IP addresses on network PC’s, hiding them from potential hackers
Denial of Service Attacks
One of the most useful things a firewall can prevent
Denial of service attack – small software programs downloaded by hackers to unsuspecting company servers, all triggered to activate at once sending messages to a single target server
Mobile Users
Access through the firewall must be subject to specific authentication procedures, i.e. tightly controlled passwords, physical keys plugged into their laptops
Can use a Virtual Private Network– Encrypts all messages using any Internet
connection
Firewalls can track user activity
A good monitoring system helping to keep everyone “honest”
Should something go wrong, can be a very useful tool in tracking down the source
Security Patches
Security patches are corrections to software code to close any “loopholes” that may be found by hackers to a system
Should always be put in place as soon as they become available
Never put a PC or server into service with default configurations or passwords
Other Items
Modems – Individual workstations should not have local modems. All outside access should be routed through the company HSIA with the firewall in place
Only exception – mobile users.
Network Documentation
Network mapping software applications – auto detect and record all parts of the network, identifying which PC’s and servers are connected
It has been known to find system parts in place but totally unsecured
Electronic Security is a never Electronic Security is a never ending processending process
Keep up to dateKeep up to date Monitor developmentsMonitor developments Prioritize them for your propertyPrioritize them for your property Keep a sense of awareness about Keep a sense of awareness about
real versus suspicious threatsreal versus suspicious threats Periodically invest into a security Periodically invest into a security
consultant to check vulnerabilities of consultant to check vulnerabilities of your systemyour system
Security is Everyone’s Security is Everyone’s ResponsibilityResponsibility
All users are responsible to some All users are responsible to some extent for maintaining the integrity extent for maintaining the integrity and usefulness of the property’s dataand usefulness of the property’s data
Education and reinforcement = Education and reinforcement = policies and procedurespolicies and procedures
Multiple levels of securityMultiple levels of security
Restricted AccessRestricted Access
All good systems can be set to restrict All good systems can be set to restrict individual users access to various individual users access to various combinations of menu functionscombinations of menu functions
Don’t want to restrict too much. Users Don’t want to restrict too much. Users must have access to all areas that affect must have access to all areas that affect their worktheir work
Set up audit trails for program accessSet up audit trails for program access Immediately remove password privileges Immediately remove password privileges
for terminated employeesfor terminated employees
Policies and ProceduresPolicies and Procedures
Establish and maintain written Establish and maintain written policies and procedures on system policies and procedures on system useuse
Require all users to sigh agreements Require all users to sigh agreements on established policies and on established policies and proceduresprocedures• Raises security awarenessRaises security awareness
Typical Policies and ProceduresTypical Policies and Procedures
Standard software only (company Standard software only (company provided)provided)
No personal storage devicesNo personal storage devices Personal usagePersonal usage Responsible use of passwordsResponsible use of passwords
Computer Room SecurityComputer Room Security
Computer room security must be Computer room security must be maintained at all timesmaintained at all times
Locate away from heavy traffic areas Locate away from heavy traffic areas if possibleif possible
Access on an “as needed” basisAccess on an “as needed” basis Self locking doorSelf locking door
General Security PrinciplesGeneral Security Principles
Regular system backupsRegular system backups
Complete system documentationComplete system documentation
Security audit checklistSecurity audit checklist
BackupsBackups
Two typesTwo types• Manual operational proceduresManual operational procedures• ElectronicElectronic
Software & data backups – essentialSoftware & data backups – essential• Can get you up and running with Can get you up and running with
minimal loss of information and revenueminimal loss of information and revenue Manual backupsManual backups
• For severe emergencies onlyFor severe emergencies only Downtime reportsDowntime reports
DocumentationDocumentation
Gain efficiency and peace of mindGain efficiency and peace of mind Makes it easier to parts of the Makes it easier to parts of the
network & rebuild if necessarynetwork & rebuild if necessary• One to cover hardware – physical One to cover hardware – physical
schematicschematic• One to cover software – different One to cover software – different
applications and their interfacesapplications and their interfaces
Security AuditSecurity Audit
Checks to see that every aspect of Checks to see that every aspect of the operation is recognized and the operation is recognized and coveredcovered• Backup proceduresBackup procedures• DocumentationDocumentation• Physical accessPhysical access• Password managementPassword management
Downtime ProceduresDowntime Procedures
No matter what precautions we take, there No matter what precautions we take, there will eventually be a need for computer will eventually be a need for computer systems to be downsystems to be down It’s not a matter of if, but of whenIt’s not a matter of if, but of when
Two Types of DowntimeTwo Types of Downtime
Short duration – less than 8 hoursShort duration – less than 8 hours
Long duration – greater than 8 hoursLong duration – greater than 8 hours
Short Duration DowntimeShort Duration Downtime
Causes / ReasonsCauses / Reasons Regular system maintenanceRegular system maintenance System errors of short durationSystem errors of short duration Power outages / weatherPower outages / weather
Long Duration DowntimeLong Duration Downtime
Causes / reasonsCauses / reasons Major system errors/ maintenanceMajor system errors/ maintenance Weather – hurricanes, tornadoes, floods, etc.Weather – hurricanes, tornadoes, floods, etc.
Short Duration Downtime ReportsShort Duration Downtime Reports
These reports should be run every day, at These reports should be run every day, at least twice a day, “just in case”least twice a day, “just in case”
Downtime reports should provide all Downtime reports should provide all essential hotel status & guest billing essential hotel status & guest billing informationinformation
Run sufficient copies for each departmentRun sufficient copies for each department
Reports to run at a minimumReports to run at a minimum
In-house guest listIn-house guest list
Room availability listRoom availability list
Expected departures listExpected departures list
Expected arrivals listExpected arrivals list
Guest ledgerGuest ledger
Guest credit statusGuest credit status Cash basisCash basis Approved creditApproved credit
Reports to run at a minimumReports to run at a minimum
Guest messagesGuest messages
Room availability at least one month outRoom availability at least one month out
Vacant room status (housekeeping)Vacant room status (housekeeping)
Guest foliosGuest folios
Room change reportRoom change report
Early departuresEarly departures
All room statusAll room status
Extended Downtime StatusExtended Downtime Status
Guidelines – each property is different, o Guidelines – each property is different, o there is a need to “fine tune” guidelines to there is a need to “fine tune” guidelines to the specific propertythe specific property
Key to running manually – GOOD Key to running manually – GOOD COMMUNICATIONCOMMUNICATION
Maintain guest service as much as Maintain guest service as much as possiblepossible
Quick Response ChecklistQuick Response Checklist
Alert all management staffAlert all management staff
Shut down all systems as quickly as Shut down all systems as quickly as possiblepossible
Distribute the most recent downtime listsDistribute the most recent downtime lists
Prepare for a manual auditPrepare for a manual audit
Issue radios to management staffIssue radios to management staff
Key management Staff RolesKey management Staff Roles
General ManagerGeneral ManagerSystems ManagerSystems ManagerFront Desk managerFront Desk managerFront Desk SupervisorsFront Desk SupervisorsFront Desk AgentsFront Desk AgentsReservations ManagerReservations ManagerPBX SupervisorPBX SupervisorOutlet ManagersOutlet ManagersHousekeeperHousekeeperControllerControllerNight ManagerNight Manager
General ManagerGeneral Manager
Oversees operationsOversees operations
Makes and approves all operational Makes and approves all operational decision – especially those affecting guest decision – especially those affecting guest issuesissues
Systems ManagerSystems Manager
Determines magnitude of problem – Determines magnitude of problem – estimates down timeestimates down timeMaintains status of all correctional Maintains status of all correctional activities in processactivities in processNotifies response team of severity of Notifies response team of severity of situation, and recommends degree of situation, and recommends degree of contingency to implementcontingency to implementSupervises repairsSupervises repairsKeeps management updatedKeeps management updated
Front Desk managerFront Desk manager
Coordinates front office activity with Coordinates front office activity with systems & reservations mangerssystems & reservations mangersSupervises all front desk activitySupervises all front desk activityMonitors controls & audit trailsMonitors controls & audit trailsSupervises runnersSupervises runnersKeeps outlets updated with guest Keeps outlets updated with guest informationinformationDocuments observed / perceived Documents observed / perceived operational problems for review / revisionoperational problems for review / revision
Front Desk SupervisorsFront Desk Supervisors
Monitor and control registration functionsMonitor and control registration functions
Maintains room status control sheetMaintains room status control sheet
Maintains walk in listMaintains walk in list
Communicates status changes to Communicates status changes to housekeepinghousekeeping
Supervises re-entry of data to systemSupervises re-entry of data to system
Front Desk ClerksFront Desk Clerks
Control filing of guest charges and Control filing of guest charges and maintenance of current balancesmaintenance of current balances
Supervise generation of source Supervise generation of source documentsdocuments
Assist with posting of chargesAssist with posting of charges
Reservation ManagerReservation Manager
Distributes updated room availability reports to Distributes updated room availability reports to all agentsall agents
Supervises manual booking of reservationsSupervises manual booking of reservations
Maintains manual reservations filesMaintains manual reservations files
Maintains manual future rooms availability chartMaintains manual future rooms availability chart
Maintains communication with outside Maintains communication with outside reservation systemsreservation systems
Supervises re-entry of reservationsSupervises re-entry of reservations
PBXPBX
Maintains and updates telephone Maintains and updates telephone reference list with help of front deskreference list with help of front desk
Maintains manual message logMaintains manual message log
Assures that messages are distributed to Assures that messages are distributed to guestsguests
Forwards any phone charges to front desk Forwards any phone charges to front desk for postingfor posting
Outlet ManagersOutlet Managers
Coordinate contingency plan with systems Coordinate contingency plan with systems managermanager
Supervises manual operation of outletsSupervises manual operation of outlets
Assists in balancing processAssists in balancing process
Responsible for manual check distributionResponsible for manual check distribution
ControllerController
Coordinates accounting activity with the Coordinates accounting activity with the system managersystem manager
Supervises accounting contingency planSupervises accounting contingency plan
Supervises all data reconstructionSupervises all data reconstruction
Assists front desk with maintaining guest Assists front desk with maintaining guest ledgerledger
Monitors all cash and credit card activityMonitors all cash and credit card activity
HousekeeperHousekeeper
Coordinates manual room status control Coordinates manual room status control with front deskwith front desk
Establishes initial room status reportEstablishes initial room status report
Supervises vacant room inspectionsSupervises vacant room inspections
Supervises distribution of updated room Supervises distribution of updated room status listsstatus lists
Supervises manual assignment of room Supervises manual assignment of room attendantsattendants
Night ManagerNight Manager
Performs regular audit functionsPerforms regular audit functions
Generates manual audit reportsGenerates manual audit reports
Balance all hotel accountsBalance all hotel accounts
Assists in restoration of dataAssists in restoration of data
All Management StaffAll Management Staff
Remain in constant communicationRemain in constant communication
Regular inter department meetingsRegular inter department meetings
Keep guests updated as much as possibleKeep guests updated as much as possible