As travel opens up, don’t be caught out by a data breach, says Dan Conrad, field strategist at the Privileged Access Management (PAM) software company One Identity.
The process of checking into a hotel is facilitated by a complex web of digital processes. From reservation to payment, through the personalisation of room services and other core services that make the experience seamless for guests, the process of checking into a hotel today is almost always completely digitised.
But who manages the systems, the back end of all the portals accessed by guests and hotel personnel? The answer is Privileged IT users, such as system administrators, who monitor these systems around the clock to ensure they are operating as they should.
While maintaining the smooth running of business-critical systems and portals, privileged users must also comply with dynamic requirements and regional privacy regulations that govern how data can be collected, for how long it should be kept, and how it should be stored.
More challenges: covid-19 pandemic
If the job of privileged IT users didn’t sound complicated enough, the recent pandemic introduced a whole new set of challenges. Those operating in the hospitality sector who managed to remain open during the national lockdowns found themselves with a reduced staff count and the necessity to perform some operations remotely. The director of infrastructure at a global hospitality company said that, in a few weeks, the company found itself from zero remote privileged sessions to having to manage more than hundreds a day.
This scenario was common, as the necessity to accommodate remote working forced an accelerated digital transformation for many organisations that weren’t necessarily prepared to make the shift. This was especially challenging for those companies that had to create a privileged access footprint from scratch, and that sometimes had no existing privileged password technology in place.
Why PAM matters
PAM is an essential component of a security strategy because it reduces the possibility of a destructive attack, even in cases where there is a long digital supply chain. It essentially accounts for the inevitable incidents that result from human error, and creates a layer of protection around critical systems.
To give an analogy, admin accounts should be treated like the organisation’s crown jewels and therefore should be kept in a vault, isolated in a repository that system administrators can access only via a PAM system. When requesting a credential, admins will be authenticated according to the level of access they need to perform a task. Once the task is completed, access can be revoked and the process reset in order to ensure that an organisation’s crown jewels are only accessible by the right people at the right time.
A PAM strategy generally encompasses provisioning and de-provisioning of privileged account credentials, which minimises the risk posed by insider threat or admin mistakes. This is especially critical in hospitality, where there can be high turnover of staff or staff is added at peak holiday seasons.
The solution – eliminating complexity
Most organisations maintain separate directory services and hierarchies for privileged passwords linked to users, systems, networks, devices and properties. The easiest way to simplify such a fragmented identity infrastructure is for organisations to view users and systems as objects, providing an implicit link to privileged access and session management solutions. Ideally, a comprehensive privileged identity management solution would also support visualisation, root account management and provide an open API architecture that simplifies integrations between cloud applications and infrastructure for minimal friction and maximum flexibility.
Hidden benefits
A PAM strategy that supports automation, virtualisation and other integration that might be needed – thus accommodating for the digital transformations that a business might undergo in the future – has a tangible effect on costs. In fact, improving insight and control over privileged passwords increases IT staff efficiency and increases savings. The capability to run over on-prem devices and cloud systems is paramount for companies operating in the hospitality sector, and allows for a more scalable and agile approach that results in smoother operation.
With the holiday season approaching and travel restrictions easing, the hospitality sector should soon see the much needed boost it needs after a period of uncertainty. By ensuring that all processes are underpinned with security top of mind, it will put the sector in the best position to reap all the benefits of re-opening, without any fall-out from a data leak or data breach.
