How Hotels Can Protect Power Devices from Looming Cyber Threats in an Interconnected IT Environment

Hotel IT teams that integrate a robust power management strategy with evolving cyber defense practices will be in a strong position to stay ahead of emerging risks.
By James Martin, Global Connectivity Product Manager at Eaton - 11.16.2023

As IT strategies have evolved amid the digital transformation, an era of generative AI is emerging that is changing the way hotels serve guests. Solutions such as AI chatbots and robotic processing automation (RPA) tools are helping streamline operational processes, making systems like booking more efficient while also delivering an increasingly personalized customer experience. 

While the potential for AI is only beginning to take shape, it’s clear that this transition will come with new demands for computing power and storage capacity to ensure systems run effectively. As hotel leaders consider the power management resources needed to support these demands, they must also evaluate their cybersecurity approach to protect against potential costly breaches. 

Power in perspective 

A key tech trend that has reshaped both the IT and cybersecurity landscape is the transition to a distributed, interconnected IT model. An interconnected IT framework not only allows hotels to usher in new AI tools and other digital solutions, but also brings more unconventional devices into the mix as potential entryways for malicious activity. Even HVAC units can now be connected to a network and could potentially become targets for cyberattacks in the process.  

While interconnectivity has many advantages, it’s critical for IT teams to safeguard each connected component to protect against growing threats like ransomware.  Ransomware attacks have been on an upward trend over the past year with an almost 13% rise from 2021 – a greater increase than the previous five years combined – according to the Data Breach Investigation Report (DBIR) by Verizon. Recent victims include MGM and Caesar’s Entertainment, which experienced attacks that caused major complications with their operations. 

Like HVACs, power management devices such as uninterruptible power supplies (UPSs) – which provide backup for critical IT systems and bridge to generator power in the event of an outage – could be an overlooked area of focus for cybersecurity. Hotel IT teams are connecting UPSs more often now to improve their disaster avoidance strategies with remote management and monitoring capabilities. In this transition, these backup power systems must be protected from cyberattacks just like every other network-connected device.   

Certified for security 

In the face of growing cyber threats, global standards bodies have expanded their efforts to define processes and methods to certify products as secure. Global safety standards organizations, including Underwriters Laboratories (UL) and the International Electrotechnical Commission (IEC), provide important guidelines for the implementation of appropriate cybersecurity safeguards in network-connected devices. 

Deploying UPSs and rackmount power distribution units (PDUs) with network management cards that carry UL 2900-1 and ISA/IEC 62443-4-2 certifications in distributed environments, such as network closets, can give hotel IT teams peace of mind that their devices have built-in cybersecurity features and capabilities to better protect infrastructure against breaches. The latest network management cards provide IT teams with a combination of capabilities for enhanced management and cybersecurity. By merging zero-trust architecture with powerful automation and remote and on-site management tools, these solutions can help boost the performance and uptime of critical business systems.

Stay up to speed 

As hotel IT teams look to connect more UPS devices to their network, they will want to execute remote firmware updates to keep their devices current with the latest patches and features. Staff should look for power devices that require cryptographic signature checks to update firmware to avoid cybersecurity risks. Hotel IT teams should also work with vendors that offer 24/7 monitoring across converged IT/operational technology (OT) environments as this can help add an extra layer of protection and visibility for critical infrastructure.

Physical security is something hotels should also keep in mind as part of their strategic framework for protection. Equipping IT racks with smart security locks can help to ensure that only authorized personnel have access to IT equipment. As the proliferation of smart, connected devices link together more elements of IT operations, it will also be helpful to collaborate with technology and solutions partners that demonstrate an ongoing commitment to cybersecurity.

Refine management resources  

While power management software is primarily used to aggregate and manage power devices, it can also be utilized as an inexpensive air gap solution – which helps keep secure networks physically isolated from unsecured ones. Organizations like Grandeur Housing use this method to improve their cybersecurity defense and protect against ransomware attacks.

Power management software can also integrate with Windows operating systems and common virtualization systems, which makes it easy for IT teams to automatically discover and monitor common power infrastructure and IT equipment. Some solutions can also be customized to trigger specific actions on a customized schedule in alignment with devices like UPSs and rackmount PDUs. 

Hotel IT teams that integrate a robust power management strategy with evolving cyber defense practices will be in a strong position to stay ahead of emerging risks. As new threats surface – such as Ripple20, which put countless internet-connected devices in danger during the early days of the pandemic – hotels will be able to quickly adjust to protect their infrastructure. 

Empowered for protection 

As technology evolves, hotels will continue finding new ways to apply AI and other digital solutions in streamlining their operations and driving new, exciting services to guests. An interconnected IT framework will help hotels capitalize on this transformation, but it also comes with the responsibility to protect each endpoint from potential cyber threats. Hotels that take measures to secure their power devices as part of an end-to-end cybersecurity approach will ensure they’re ready for what’s ahead.  

James Martin is the Global Connectivity Product Manager at Eaton, a diversified power management company and global technology leader in electrical systems for power quality, distribution and control. He has promoted Eaton’s software and connectivity solutions for the past 10 years and built trusted technical advisor relationships with channel partners, field sales and sales operations.

Are you an industry thought leader with a point of view on hotel technology that you would like to share with our readers? If so, we invite you to review our editorial guidelines and submit your article for publishing consideration.