Esteban R. Velez – Classic Hotels & Resorts
Whether he’s on a business trip or just vacationing with his young family, Esteban R. Velez will look up the hotel’s info-tech director and ask him or her to lunch.
“My kids hate me for that,” the jovial Velez tells Toggle. “But in this line of work, it’s essential that we all share ideas. The stakes are very high.”
For Velez serves as vice president of IT and cybersecurity at Classic Hotels & Resorts—that’s four luxury hotels in California and two in Arizona—and knows well the need for data security. Any hotel, particularly one that caters to high-end customers, is entrusted with sensitive information that would be a virtual gold mine to a cyberthief.
“They (cyberthieves) practice on hotels, businesses, restaurants—anywhere they can get to the credit cards—and then may take their schemes to hospitals,” Velez explains. “Any place that has a sales team, they’ll phish.”
So Velez and his eight-member team are constantly reminding the Classic work force not to click on every email link. If in doubt, send it to the in-house spam review committee, he advises. And practice cybersecurity at home; let the cautionary approach be second nature on and off the job.
“I always tell them, you don’t want to get on the news for the wrong reason,” he says.
Earning their wings
With a virtual arms race ongoing between the white and black hats of cybersecurity, Velez chooses not to be overly specific about the precautions in place at Classic, but does say that all vendors—be they for customer comfort or data protection—must regularly prove themselves to remain in good standing.
“I’ll vet any vendor before they partner, and I’ll be their best friend or worst enemy,” he says. “Win me over and I’ll tell everyone. Fail me and I’ll tell everyone. I don’t have any blinders on.”
He’s a believer in the one-year contract with option to renew, and if it’s not working as needed, Velez will cut that vendor loose even if it means buying them out. Since taking over Classic’s IT in 2014, Velez has changed the virus protection system six times, settling on AV email scanning solutions and Venza, who work together and whose artificial intelligence guards against internal as well as external attacks.
Venza has acquitted itself well for Payment Card Industry and General Data Protection Regulation compliance as well as keeping Classic Hotels safe from outside predators, Velez says, noting the company’s primary focus on the hospitality industry’s data security.
As AV and Venza explain, traditional email security systems may be good at warding off mass spamming and phishing by observing the same text or link being sent to multiple users, but aren’t good at blocking targeted attacks because the text rarely hits with obvious keywords.
AV and Venza can also protect a brand name by stopping domain spoofing with an intuitive wizard that enables a client to set up a Domain-based Message Authentication, Reporting & Conformance system (DMARC) that monitors outgoing emails.
“Utilization and protection for our hotels are two key areas that you really need to select the right partners,” Velez says. “One being the Property Management System and the other being a hotel’s Point of Sale systems.”
Velez has teamed up with Point of Sale, which has taken over the market from Oracle’s Micros Simphony, utilizing POS in a cloud-base that secures guest information and provides peace of mind for both guests and the IT team. He’s also brought hand-held EMV POS devices that incorporate Apple Pay, EMV, Samsung Pay, Android Pay and email receipt options, all allowing guests to have peace of mind knowing that their credit card numbers and PII (Personally Identifiable Information) are safe.
Velez has also been working to secure and keep Classic Hotels Property Management Systems (PMS) up to date and create seamless, secure check-in solutions for the entire Classic Hotels & Resorts portfolio. The Property Management System allows guests to manage their own times at the world-class fitness centers and spas.
Hospitality IT covers many bases, Velez explains, noting that its security includes cameras, computers and communications as basic as what’s now referred to as POTS (Plain Old Telephone Services). He’s collaborated with the Maynard Group in California to bring his phone systems to the cloud, making its security all the more redundant.
That’s the Maynard Group founded by Dean Maynard, who was still in high school when he became a high-tech entrepreneur, later installing Telecom systems in rapper Vanilla Ice’s mansion. Such creds endear Maynard to Classic Hotels.
Another “best friend” on the cybersecurity front has been Classic Hotels’ automated online credit card technology that, with help from Velez, is becoming the industry standard. Himself a payment card industry auditor, Velez has vouched for many business partners and their capabilities while lunching with the IT peers, including one in need of enhanced security after a breaching.
“Sharing is caring” Velez says. “Hotels often have trouble with easy solutions. The easy solution in this case was Canary.”
Canary’s advantage being efficiency as well as security, it can rid a hotel of paper authorization forms and transfer all contract signings to digital. Time permitting, Velez might someday accept Canary’s offer to join its board.
“Right now, there just aren’t enough hours in the day,” he says.
It’s not just info-tech
While cybersecurity may be the overriding mission of a hotel’s IT department, ensuring the comfort of the guests can’t be far behind. Here they’ll find Velez and his team going the extra mile, even literally.
“The difference in my team is they’re in front of the house as well as behind the scenes,” says Velez, whose personable nature might have something to do with his pre-IT background in food and beverage. His team can often be found walking the grounds, mingling with guests, taking photos of families and even giving them rides on the IT golf cart.
“You’ve got to have more than just technical skills—those can be taught,” reminds Velez, who “hires for communication skills and trains for technical skills.”
Of course, those technical skills had better be learned, for the hospitality industry is extremely competitive and, in today’s mobile world, people can voice their opinions by telling hundreds, if not thousands, of people in the blink of an eye.
Classic’s reviews have become even more sterling, the in-room experience further enriched this year with guest streaming and other interactive television features from another Velez partner. Google-powered chrome cast technology has been installed at the Arizona Grand Resort & Spa as well as Hotel Carmel and La Playa Carmel in California. By year’s end, the same amenities should be at The Scott Resort and Spa, The Inn at Laguna Beach and the Laguna Beach House.
“We recognize that more and more people use non-linear services to watch programming at home,” Velez says. “Technology and innovation are the keys to keeping guests feeling at home by staying connected.”
In addition, he stays connected with IT teams and hoteliers around the country. Moreover, around Thanksgiving he’ll invite IT, finance and operations teams to his office, deep-fry a turkey and allow everyone to share ideas. If anyone sees areas for the boss to pick up his game, Velez wants to hear about it.
“You can’t fix something if you don’t know it’s broken,” he says. “I want to know the truth before we have a situation like Atlanta or Equifax had with ransomware.”
He is referring to how the capital of Georgia might spend $10 million to fend off cyberattacks that earlier this year cost the city just $52,000 but exposed a vulnerability.
That’s getting on the news for the wrong reason. With his vendors, partners and IT team, and emphasis on proactive rather than reaction IT, Velez is determined not to let it happen at Classic Hotels & Resorts.
Showcase your feature on your website with a custom “As Featured in Toggle” badge that links directly to your article!
Copy and paste this script into your page coding (ideally right before the closing