Tech Talk

Recent posts

IoT is Coming, Jon Snow…
Posted: 05/21/2019

Hospitality is prime for the coming advent of the various devices that make up the Internet of Things. Estimates show the industry now represents 17.5 million rooms worldwide and savvy guests are demanding more personalization and an overall improved guest experience along their connected travel journey and belief is that IoT can bring this to reality. 

The forces driving local search rankings are constantly changing. But recent studies suggest that in 2019, four key factors make up the local search algorithm. 
 
The most significant factor is Google My Business (GMB). If you’re not on it, get on it now.

The robotic revolution in the hospitality industry might seem to have taken a step back. This January, the famously quirky Henn-Na Hotel in Japan fired half of its 243 robot staff. The robotic workforce reportedly irritated guests and frequently broke down.

Think about the moment when you first enter your hotel room. Look around: Does the room tell you anything unique about the hotel where you are staying? Or is it all beige walls and double beds with white covers, and you have to walk back outside and look at the sign on the hotel’s facade to even remember where you are?

Hotel guests commonly bring multiple devices with them during their stay. However, many hotel environments don’t provide easy access to charging outlets. This situation can lead to a guest feeling more than inconvenienced. A recent survey found almost 90 percent of people "felt panic" when their phone battery dropped to 20 percent or below.



want to read more articles like this?

want to read more articles like this?

Sign up to receive our twice-a-month Watercooler and Siegel Sez Newsletters and never miss another article or news story.

x
 

Windows XP Users Update or You Could Fail Your Next PCI Assessment

02/14/2014

Typically my messages and insights shared in Hospitality Upgrade revolve around security and ways to simplify PCI compliance. After all, I consider myself first and foremost a merchant advocate. This message is a little different; it’s more of a heads-up on a little-known PCI regulation that could cause you major problems in the near future.

On April 8, 2014, Microsoft’s extended support for Windows XP will cease. This could be a problem for many hoteliers because requirement 6.2 of the PCI Data Security Standards (PCI-DSS) tells us to “ensure that all system components and software are protected from known vulnerabilities by installing applicable vendor-supplied security patches.” Once Microsoft ends their extended support, they’ll stop supplying security patches, which means properties still running Windows XP will be immediately out of compliance with PCI.

How Your OS Affects Compliance
The PCI Security Standards Council’s position on this subject is that if a vendor, in this case Microsoft, no longer supports a system component by issuing security patches, merchants running that component in their card data environment cannot check “In Place” on their next Self-Assessment Questionnaire. In case you weren’t aware, in order to be PCI-DSS compliant, all in-scope requirements must be checked “In Place.”

If you are running an unsupported OS, and it is accessible from the Internet, you will receive an automatic PCI failure on your next authorized scanning vendor (ASV) vulnerability scan and will immediately be deemed non-compliant with the PCI-DSS. The ASVs are required to automatically fail a scan upon detecting an unsupported OS.

What Should You Do?
If you will be affected by the Microsoft sunset event for Windows XP, then you should immediately consult with your merchant services provider (MSP) or merchant bank and your ISA or QSA so they are aware and can provide guidance. If you already have a plan to upgrade, then congrats – you’re ahead of the game. 

If you don’t have a plan or a budget allocation to upgrade to a supported OS, you have one other option – use Compensating Controls (see PCI-DSS Appendices B & C). This method is neither simple nor inexpensive, so I would certainly not recommend it, but for some it may be a necessity. Your particular situation should be discussed with your MSP/merchant bank and your ISA or QSA to determine your best course of action.

Update From IE8, While You’re at It
While we’re on the subject of updates, you should also make a point to move away from Internet Explorer 8 (IE8). Many websites have already begun to cease support for their sites on this outdated version. If you’re currently using IE8, you might have already received an annoying pop-up screen informing you of this when trying to access certain sites. Microsoft’s support of IE8 is scheduled to end when they terminate mainstream support for Windows 7 (Service Pack 1) on January 13, 2015. While extended support for IE8 will be offered, the cost for this support will be considerable and you will be missing out on new functionality, as well as the latest security enhancements.

Internet Explorer versions 9, 10, and 11 will continue to be supported by Microsoft after this date, so they are all valid alternatives (as are current versions of Firefox, Chrome, Safari, and a host of others), so  reach out to your IT department/contact for advice before updating your browser.

PCI can be a pain in the neck; we all know that. I would hate to see any of my friends in the industry lose their hard-earned (and expensive) stamp of compliance over a simple browser update. So get on it and may your updating process be a smooth and successful one.

About The Author
J. David Oder
President and CEO
Shift4 Corporation


J. David (Dave) Oder is the President/CEO of Shift4 Corporation. Dave is a hands-on manager who enjoys jumping into projects alongside his technical staff. An accomplished businessman, Dave has more than 35 years' experience in software development and accounting, spent mainly on overseeing software companies. Prior to founding Shift4, he was CEO of the Aerus Corporation, a pioneer of business accounting software, and owner of a successful consulting firm. Dave earned his Bachelor's degree in Business/Accounting and Master's degree in Computer Science as well as an MBA from University of California, Los Angeles.

 
Comments
Blog post currently doesn't have any comments.
Leave comment



 Security code