Implementing Mobile Security at The Ritz London

(09/10/2006)

The Ritz London provides for all travellers and guests, many of whom are celebrity ‘A’ listers so famous that they need to use pseudo names during their stay. For this reason diplomacy, tact and sensitivity is very high on the agenda at The Ritz and every attention is paid to detail so that no faux-pas or indiscretion is made as far as their guests confidentiality is concerned.

Therefore, when Richard Isted the IT manager for The Ritz had his brand new PDA stolen, as a thief knifed through his bag aboard a cramped, hot and steamy bus during the July 7th bombings – security of mobile devices suddenly became a top priority. Richard had only just picked up his PDA 4 hours earlier and thankfully hadn’t had a chance to download any confidential information onto the device.

However it was already synchronised to his email and the security built into the existing email synchronisation software meant that for the device to “self destruct” it had to connect back to the mobile network. This system clearly wasn’t going to suffice in the case of a lost or stolen device and so this incident triggered the search and subsequent installation of a fail proof security system for all mobile devices at The Ritz.

Richard immediately began investigating software solutions for encrypting and protecting the information residing on all the mobile devices used by executives at The Ritz. The problem was that many of the applications he trialled were clumsy, slow and difficult to use. The most important feature had to be ease of use, speed and transparency to the user as most of the executives were using their PDAs to keep on top of emails whilst out and about.

From past experience Richard knew that executives would not accept any security software that compromised the usability of their device. Too often companies have found that if the security is too difficult to use or cumbersome then users will bypass it, creating yet another nightmare for the IT department.

Richard said “After trialling Pointsec’s encryption software, I made it mandatory on every mobile device. In the beginning senior executives, such as the Food & Beverage Manager, Sales Manager and Rooms Division Manager, were hesitant about the new security application. It took a while for them to get used to the fact that their device would lock after 10 minutes if they were not using it. This feature didn’t’ go down too well which wasn’t a problem because luckily the new security application is adaptable so I adjusted the profiles to suit each of our end users requirements, in this case changing the time out feature to 30 minutes. It wasn’t long before everyone had become accustomed to the encryption software on their mobile devices, using it without difficulty. Since installing Pointsec we haven’t looked back and we certainly wouldn’t be without it.”

Many of the staff who are supplied with a PDA at The Ritz, will often need to utilize them for viewing download camera pictures, files or music as well as for email communication. This created a further challenge for Richard as it meant he had to have a degree of flexibility within the Pointsec encryption software; making sure that everything work related was encrypted but at the same time allowing the employees to use multi media cards from cameras and other devices.

The solution came in the form of the flexible security policy management which was changed to allow the use of un-encrypted removable multi media cards which in turn allowed the staff to keep their choice of different media applications and information separately and without any encryption whilst the work related information stored on the device was protected.

“This way the encryption we use is flexible and our security policy is adaptable to each person and their habits. In this way the devices can be used fully and the each staff member is happy. Moreover we are safe in the knowledge that all the important data pertaining to the Ritz is secure.” says Richard.

In the year that the Ritz has been using Pointsec’s software the encryption software installed on all of the mobile devices has already paid dividends. Shortly after Richard installed the security application on the mobile devices a worst case scenario was realised as one of the executives lost his PDA on the tube.

However any catastrophe was averted by the software which when the device was switched on was set, not only to prevent access to the data but also to show a pop up message which says “If lost please call this number to return to the owner for a reward”. Within hours the PDA had been returned to The Ritz and the lucky recipient had not only walked away with a substantial bundle of money in her pocket but had also enjoyed a few glasses of The Ritz’s finest champagne in their renowned Rivoli bar. Needless to say both parties were very happy with the outcome.

Richard is impressed with many other features of the Pointsec software as well as the “reward” screen, such as the remote administration unlock which enables him to unlock the device remotely for users who have forgotten their password and subsequently allow them access again to their device with a ‘challenge code’.

Another favourite feature is the password system using PicturePIN which allows the users to remember a story based on pictures rather than having to remember numbers or letters. “The younger members of staff love using this feature as they can remember funny stories using symbols rather than an often forgettable set of numbers. Strangely enough it’s the older staff members who have favoured numeric passwords over the PicturePIN– but whatever method they employ I’m happy, as long as the passwords are being used and it is working for them.”

Using the expertise of the technical support department at Pointsec, Richard has been able to integrate the installation of the security software via their email synchronisation software (GWAnywhere). This means that an installation of the security software to a PDA can be performed over a fast wireless connection (3G or 802.11 wireless) from anywhere in the world. Recovery files and profile updates are also transferred as part of this application synchronisation.

After using encryption software successfully on the devices of top level executives at The Ritz for the past year, Richard has decided to introduce Pointsec software to all of the management and essential operational staff using a corporate mobile device. He says “It is inevitable that devices are going to be lost or stolen. It is part of human nature but by using mobile security from Pointsec I am confident that we have closed one more potential security loop-hole and can ensure the confidentiality and service that our guests have come to expect from one of the best hotels in the world.”

Related topics:  IT Network and Computer Security   Security market sectors 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources