Hotels strive to be open, welcoming and, essentially, public spaces whose basic offerings are enjoyment, relaxation, a good meal and a sound night’s sleep, whether the guest’s stay is for business or pleasure. But the hierarchy of human needs cannot be overlooked — hotel guests also want to be sure they are safe and secure, notes Harry Sladich, executive vice-president for hotel operations for Red Lion Hotels Corporation. “We want our guests to know we’re taking their safety seriously,” he explains. “They’re relying on us to keep them safe.”
Hotel security can be something of a paradox. The fact that people are in the hotel around the clock is a component of its safety; however, that also poses security concerns, according to Hart S. Brown, senior vice-president, Organizational Resilience at Hub International. There are high-traffic locations with lots of people coming and going, but there are also obscured and less-busy areas. “Because this is a 24/7 and 365-day environment, you have areas that are not well-trafficked, such as parking lots — depending on how they’re configured — and areas around the perimeter and auxiliary entrance and exit points that can become a problem,” says Brown.
To meet guest expectations, given this paradox, Sladich recommends relying on experts and clearing the way for them to do their work in identifying risk areas and helping management “think like bad guys.” “Hoteliers are famous for feeling that they’re in charge and can do everything themselves. The key is having an expert taking a look at your property.” For the analysis process, Brown and others suggest two approaches. The first is a threat assessment that is done in coordination with law-enforcement officials. “What does the local crime and potential security environment look like? You can start to build a picture from a data perspective not an emotional perspective, which is what people tend to do,” says Brown.
The second piece is a vulnerability assessment, which Brown says hotel teams often gravitate towards first. That includes walking through the property, looking at the parking lots, lighting, determining what areas do not have direct line of sight and determining how people interact with the environment around them. Both Brown and Sladich agree that a thorough walk-through is essential, but Sladich stresses this should not be conducted during daylight hours. “If you don’t walk around your property at night, you’re doing the hotel and guests a disservice.” Check areas that are dark and access points that are supposed to be locked, but don’t ignore the security of areas that are busy and fluid. “The bar in the restaurant is, unfortunately, a risk,” says Sladich. “People might get upset with one another or get a little too happy at times. Proper security systems allow you to go back and see what happened, if needed.”
GETTING A CLEAR PICTURE
As Iain Morton, EVP of Paladin Security points out, management should also recognize differences in geographic location of their hotel and the size of the property. For instance, a smaller suburban hotel will have a different profile than a hotel in a major metropolitan centre that hosts dozens of large functions and events, which are regularly attended by high-profile guests and dignitaries. Brown describes part of the observational process as “crime prevention through environmental design” — increasing security by moving landscape features such as berms and embankments, dense shrubs or fences. “When we combine the two approaches, we can get a clearer picture of security. It’s design-based on the threats and risks that are observed.” While a 100-per-cent secure site is impossible, Brown adds that prioritizing decisions, given the needs of meeting budget constraints, is a measured approach that allows confidence as well as brand and legal protection.
The approach is the same for cyber security, though the “walk-through” and assessments are done virtually. Problems must be addressed immediately, stresses Brown. “Hotels are being bombarded by a point-of-sale type of attack. The success rates of these attacks are extremely high and the vectors the attackers are using to get in are sometimes the employees themselves.” As well, in a world defined by the Internet of Things (IoT) — the inter-connection of smart devices and physical items embedded with electronics — guests expect seamless communication and interactivity. But the IoT and mobile devices pose problems, Brown says. “Securing that, in the technology world, becomes very complex and vulnerabilities become exposed.”
Cameras obviously help secure hotel patrons and property, including over the reception desk to help monitor transactions and make sure nothing is walking out the back door. “Areas including liquor storage need to be monitored to ensure the hotel is not put in financial harm,” says Sladich. He draws an analogy to your home. “You want to make sure that the doors are covered by cameras and that out-of-the-way places are lighted and on camera with a motion-alarm system that indicates when the door has been opened.” You also want video in public spaces where people are interacting — at the bar, for instance — as well as in elevators and corridors. Sophisticated systems might cost money, Sladich notes, but they cut down on other less manageable costs such as FTEs (full-time equivalent positions) and areas where mistakes might be made. “They do work and they do it better, quite frankly.”
BOOST EMPLOYEE TRAINING
Despite technology and concerns with FTEs, employees are still integral to gaining insight into the security picture. By knowing and responding to security threats, they play a key role in recognizing vulnerabilities, says Brown. For instance, employees should understand that some hotel guests are directly targeted because they are public figures or VIPs. As well, employees will encounter transients trying to enter the property who can pose a security threat.
Contrary to popular belief, proper hiring of security personnel may not include individuals who want to become police officers, Sladich says. “You have to hire individuals who have the right demeanour and personality. The ego can’t become engaged. If they handle it incorrectly, an employee can escalate the situation so quickly; it’s not funny.” It’s best to find individuals who are not easily offended and who can “roll along” with the person and the situation. “Too often I see security folks hired for size or because they were in law enforcement.” That’s not a problem in itself, adds Sladich, but he notes it’s important to remember that “security personnel’s job is to observe and report. It’s not to engage in a fight.”
Where costs permit, proper employee training should not be overlooked, says Morton. “There is no reason why personnel at the car port or the concierge should not have security-assessment training and some security-intervention training as well.” For higher risk facilities, he adds staff can take threat-detection surveillance courses and be trained to look for body movement activity and threat assessment. “You can be predictive as possible for potential risk and deal with it in a way appropriate to the environment,” Morton says. Employees also need to be trained on the dangers of weak passwords and phishing, which can result in malware being loaded or credentials being stolen. Security can also be breached over the phone, Brown stresses, giving an example: “I start asking questions under the pretext that I’m with corporate IT and I need to know your IP address. I can then dial back into the system and compromise it.”
TECHNOLOGY MEETS CUSTOMER SERVICE
The technological changes have been profound in recent years, reminds Sladich, pointing to smartphones. “You use your phone to check in and your phone is your key. There’s Wi-Fi everywhere. The television in your room is a monitor controlled from your phone.” And yet the security cameras are too often the vintage of manual joystick operation, he says. Thieves know the difference between old-school cameras and more advanced detection systems. “And don’t hide things,” he adds. “We want guests to be aware of this security and anyone who shouldn’t be there to know that we are watching.”
It’s true that sophisticated cameras and access-control devices are becoming smaller, less obvious and more powerful. “The challenge is in the traditional way they are being used — that is from an analog perspective and not a digital perspective. We are starting to see those devices being compromised fairly quickly,” says Brown, adding technology aside, tried-and-true basic concepts of security remain much the same, referring to what he calls the “See, Contact, Ask and Notify” (or SCAN) security approach, which should be built into a hotel’s customer-service model.
“When it appears that something is going on, approach that person in a customer service manner and know what to do and who to contact,” Brown says. “Staff need a general security awareness and a degree of suspicion, as well as the ability to ask a question and know where to report something.”
Volume 28, Number 5
Written by Andrew Coppolino