Improving a Hospitality Provider’s Approach to Security Risk Management

The uptake in delivery apps, expectation of online bookings, and the potential to realise business objectives via technology have made the hospitality industry more competitive.
 

But unfortunately, already tight margins are being compressed further, and firms with large portfolios must ensure their security risk management is equipped for today’s threat landscape.
 

In this case study, find out more about Atech’s work in creating a security operations centre for a large hospitality client.
 

The Challenge

A large-scale hospitality group, comprising 157 hospitality locations, rebranded itself during the pandemic in 2020. As part of its rebranding exercise, the business needed a digital transformation strategy that could align their technological roadmap with their growth objectives and push their business forward in a challenging market.
 

The group’s existing IT solution hindered its security risk management strategy and the wider computing environment was outdated and vulnerable to threats.
 

Additionally, the company’s IT architecture created unnecessary friction across the business –– from its poor file access/sharing capabilities, to its increased risk profile that forced users to deviate from data-handling best practices.
 

Hospitality businesses often operate on relatively low margins, so the company had a strict budget allocation as well as a need for a low-touch IT solution that could be picked up easily by a wide range of system users.
 

The Solution

Atech deployed a highly-resilient risk management strategy designed in accordance with Azure Well-Architected Framework. The steps/actioned can be summarised as follows:

• We built a fully-optimised cloud migration project using an extensive Azure cost optimisation assessment. We tracked current resource usage, decommissioned unused machines, and then designed, implemented, and optimised Azure
  usage and expenses across the entire enterprise.
• Our team implemented a low-touch security operations centre and simplified endpoint management. Specifically,
  we moved the company’s device management to Microsoft Endpoint Manager to enforce device configuration and compliance across the estate. We also focussed on antivirus deployment, reducing and defining attack surface rules to secure devices and networks.
• Transforming the hospitality group’s network security involved integrating Azure VPNs and automating network
  access rights. Implementing new firewalls and Azure VPNs allows for secure communication and data transfer across
  the core user based and third-party system users.
• Furthermore, deploying Microsoft Sharepoint enabled easier collaboration and improved compliance with the firm’s data handling regulations. See more in part two of this case study which looks at cloud connectivity and network updates in more detail.
• Finally, migration from Mimecast to Office 365, plus the configuration of Defender for 365, allowed the hospitality group to take full advantage of the enhanced security features available in Microsoft’s technologies. Plus, the upgrade met one of the company’s core objectives – to optimise costs and enable IT to become a value driver throughout the entire business
• We conducted a full review of Conditional Access Policies and worked to block or replace legacy systems with newer, frictionless authentication protocols.

The Outcomes

Our fully-audited security risk management strategy hardened the hospitality group’s security posture by deploying enterprise-grade solutions and simplified endpoint management tools.
 

The migration from Mimecast to Microsoft 365 also improved cost efficiency and provided a single pane of glass view of business operations. Increased transparency offers hospitality groups more capabilities in managing user collaboration identity and devices.
 

Furthermore, we actively reduced the company’s attack surface, leaving attackers with fewer options for carrying out attacks on critical IT infrastructure. We reduced the risk profile of the company overall and provided an enhanced end-user experience.
 

Senior leaders were also impressed that they can now meet their goal of enabling greater collaboration via secure, single sign-on workflows.
 

Our solution also included additional business intelligence reporting capabilities. These features empower further company cost savings and enhance resource optimisation processes in the long term.
 

Throughout the duration of the project we were also pleased to learn that the migration workflows we delivered in this project are repeatable, and could work well for our valued clients outside of the hospitality industry too.
 

Access a world-leading security operations centre with Atech
 

Atech is an expert at overcoming today’s threat landscape and equipping businesses with cloud-enabled security risk management solutions. We were recently recognised as a finalist in Microsoft’s Partner Of the Year Awards for our endpoint security solutions from thousands of applicants.
 

Get in touch to learn more about our integrated Microsoft solution suite and see what we can do for your business today.
Improving a Hospitality Provider’s Approach to Security Risk Management