Skip to main content

Hotel Wi-Fi Focus: Access & Security

When it comes to guest satisfaction in the hotel industry, quality, reliable and accessible Internet access is a top priority. Guests are often traveling with multiple Wi-Fi devices (with hotels reporting anywhere from 3 to 5 devices on average), and consumption continues to increase. Hyatt Place recently found in a guest survey that free Wi-Fi was the top amenity searched for when choosing a hotel. Hotels are responding by adding more bandwidth: according to Hospitality Technology’s 2015 Lodging Technology Study, 43% of hotels will boost the bandwidth available to public spaces over the next 18 months, and one-third will upgrade bandwidth inside the guestroom.

“Hotels always viewed networks as a one-time capital purchase, but the reality is it is evolving so fast, it has to be in the budget every year,” says Trevor Warner, president of Warner Consulting Group (, based in Columbus, Ohio, and providing technology and telecommunications consulting for the hospitality industry. “They have to keep looking at it and making adaptions, because they are going to be doing updates every six months to a year to keep up with what guests are doing in the hotel.”

Hotels agree that investing in a bigger pipe is no longer enough. The next adaptions focus on more robust access points, and better security.

Maintaining connections through increased access
Guests are not only bringing more devices with them, drawing on the available bandwidth, but they are also streaming more on the device, including smartphones with smaller antennas. This requires a stronger network with more access points.

“Nobody reads anything anymore, they watch it,” says Warner. “Streaming devices, like cell phones and tablets also have smaller antennas so they need a stronger network, which is sometimes more of a problem than bandwidth. You have to have both.”

When it comes to bandwidth, most hotels are offering at least 100MB to guests, but many are opting for 250MB or 1GB. At Interstate Hotels ( in Arlington, Va, operating 500 hotels worldwide, the company is rolling out a new program to its United States properties requiring a minimum of 30 MB, but with burstable circuits capable of handling up to 1 GB.

“As the need arises for more bandwidth, the burstable circuits take care of it,” explains Nelson Garrido, senior vice president of IT services and delivery at Interstate Hotels and Resorts.

However, more bandwidth doesn’t necessarily mean satisfied guests without the physical network and access points in place to handle it. “Hotels are now installing new networks and more access points,” says Warner. “Networks installed two years ago are now requiring 150% more access points.” Many operators are upgrading their access points from 2.4 ghz to 5 ghz, which offers a shorter range — requiring more to cover the property — but can handle a higher capacity.

Ten years ago, Hawthorn Suites Hotel by Wyndham ( in West Palm Beach, Fla. only needed six access points for its 112-suite, six floor property. Now they have 28 access points throughout the property and are installing two more in the spring of 2015, says William Murray, general manager. “We are migrating to keep up with the newer technology out there. You don’t have a choice; you become obsolete or the network becomes incapable of doing what you want it to do,” Murray says.

Interstate Hotels are installing 5 ghz access points on all hotel upgrades and new builds, but it also depends on the type of hotel, size and construction in terms of what is needed. Garrido explains that Wi-Fi mapping and signal heat mapping is performed at each property to determine what is needed for the space.

Security brings increased concerns
Security is also a significant driver in the need for continual upgrades. For example, guests are now using personal hotspots and MiFi devices to provide their own Internet access. This opens the hotel up to security issues, if someone creates a hotspot mimicking the hotel network to either attack the network or access data from other guests.

“The major issue in the space is others setting up a network to try and spoof our guest network so guests connect to it and they have access to their data,” explains Interstate’s Garrido. “We don’t mind if guests use their own network for personal use, it’s when they mask it as a service the hotel is providing or attack another person’s machine. It’s a matter of ensuring our guests are educated on which network to connect to, and monitoring our network and airspace.”

While there is technology available to block other Wi-Fi networks, called jammers, the Federal Communications Commission (FCC) fined Marriott $600,000 last October for using the technology at its Opryland Property in Nashville while also charging hotel guests to use the property’s Wi-Fi network.
The American Hospitality & Lodging Association ( and Marriott ( petitioned the FCC to allow for the deployment of the technology in conference centers, saying that conference goers could use a hotspot to launch cyber-attacks on the company’s network or disrupt Wi-Fi service for the conference or guests. After public backlash and opposition by several tech firms, including Google and Microsoft, Marriott withdrew the petition in February 2015, and issued a statement on its website:  “Marriott International listens to its customers, and we will not block guests from using their personal Wi-Fi devices at any of our managed hotels.”

The FCC/Marriott scenario reinforces how quickly dialogue is escalating to include not just adequate coverage, but security of data on the network as well. To keep property data safe in the event of a guest-network attack, it’s best to maintain separate networks.

For those properties connected to a brand or franchise, the majority run their front desk and back-office under the requirements set in place by the company, and either utilize a completely separate network on the guest side, or build firewalls in between. However, most opt for a totally separate network to eliminate any vulnerability.

“Any time you mix those two cultures, you are more vulnerable, so the best way to do it is where the two networks never touch,” Warner advises.

At Hawthorn Suites Hotel, the property uses two separate networks from Comcast Business (, a 50 MB network for back-office and front desk management plus 150 MB for the guest side, which they recently upgraded from 100 MB. They are on separate routers with their own firewalls for security and guests get a password to access the network when they check in.

“We have multiple logins, and multi-level access, so even our staff only has access to staff-level information,” Murray notes.

Interstate Hotels and Resorts also have two separate networks, although vendors and requirements vary depending on the brand. Some properties charge for the Internet, while others offer it complimentary to guests, but all guests must identify themselves to log onto the network, such as
providing a last name and room number.

What’s more, with PCI compliance and many hotels moving to tokenization, which substitutes credit card information with a token that has no value or meaning, the fear of a data breach is lessening.

“We are PCI compliant and the next phase is tokenization and EMV,” Garrido says. Nor does Hawthorne store any credit card numbers. “In the past,” says Murray, “we had the last four numbers of a credit card, but that is going away now with tokenization.”
This ad will auto-close in 10 seconds