The Weak Link of the Chain

Nicola Finamore, IT Manager, Six Senses Hotels Resorts and Spas—part of IHG Hotel Groups

Nicola Finamore had the luck to start the hospitality journey around 30 years ago working in nearly all the departments of a luxury hotel (Hilton and IHG) moving to the IT about 24 years ago. As everything in life, IT management is changed quite a lot in our day-to-day routine and ten or fifteen years ago, stress would mainly come from a technical challenge, while nowadays, what keeps him awake at night, are data protection and cyber security concerns. Through this article he highlights on the critical role of IT security in the hospitality industry, emphasising the need for proactive staff training, management support, and a shift in perspective to view security as a vital investment rather than a cost.

We moved to a purely physical kind of security need, ensuring that the customer could place the precious belongings in a hassle-free room safe, to a bigger impacting matter. Data security. We do often classify as weak link of the chain the human factor, when it comes to a phishing attack or clicking the wrong link. True.

The never-ending challenge is making others realise how important security is, and it is honestly, the part I love the most in my job and a vital skill in IT Management. IT is also definitely information processing, and we must be able to transmit what is meant to be done at all levels in a field where often we are seen as the only expert. There are several actions to keep the staff focused on the goal. Since the very beginning the employee should be involved about cybersecurity, even from the induction day and periodical training session are mandatory.

“There Are Several Actions To Keep The Staff Focused On The Goal. Since The Very Beginning The Employee Should Be Involved About Cybersecurity, Even From The Induction Day And Periodical Training Session Are Mandatory”

In the hospitality industry, where there are both high seasonal turnovers and sometime less sophisticated workforce, this is a key solution.

The importance of give guests an unforgettable experience only under a service point of view and not because their data were stolen, is second to none. Management help is crucial, and rely on staff members, managers and supervisors is vital. Every employee should patrol as a security officer in the departments, as IT staff can’t be everywhere.

I do personally believe that raising awareness to fear can reduce the possibility of being attacked and the computer user should think 10 times or ask for help, before doing any action. Better safe than sorry! But this is not it.

What I think the “weak link of the chain” meaning should include, is the idea that IT security is only a cost, while must be seen as one of the best investments for a company holding personal data.

The industry relies on a heavy interaction between companies and customer sharing credit cards details, ID’s, personal allergies or even medical needs. Breaches can significantly impact business as the consequences are massive under various circumstances and not only related to immediate financial losses for non-compliancy fines or thefts. As customer trust is crucial, reputation damages are unvaluable in the hospitality industry especially when with a single social post, a company reputation can be destroyed in few minutes.