Set in the heart of London, The Strand Palace Hotel is large hotel in an enviable position being a stone’s throw from Trafalgar Square and the buzzing Covent Garden. It has over 700 bedrooms and was first opened in 1909, refurbished in Art Deco style during the 1930s and has subsequently been modernised to its current decor.
Transputec have successfully supported the Strand Palace Hotel, a large hotel in central London, with several IT projects since 2018. As a result, when the hotel’s IT team identified a gap in their cybersecurity, they turned to us to understand how it could be removed. David Pryde, Head of IT at Strand Palace Hotel explains how we helped them.
Primarily, we wanted to review our cybersecurity and infrastructure environment. We believed it to be reasonably strong in our perimeter security and process but wanted to be more proactive in our monitoring and response efforts.
We felt that our greatest vulnerabilities were either accidents made by staff or malicious acts, so we were looking for services like log monitoring and data loss prevention.
What Transputec Did
Transputec came to us with a proven solution for the hospitality industry. It was created by one of their partners. They came in and demonstrated a proof of concept after going through our requirements. It proved to be effective in highlighting unknown vulnerabilities, not so much in ourselves, but within our supply chain. The product they put forward more than exceeded our expectations. It showed us that we hadn’t widened our scope enough. It went on to do so much more, so much more that we decided to utilise it at the other locations in our hotel group.
The program is a SaaS platform that handles data loss prevention, full-packet inspection, and mobile device monitoring. It monitors what users are doing and typing and what they’re producing, as well as handles patch management.
The analogy I use is that it is a swiss-army tool of cybersecurity. There’s still person-to-person support however, in addition to all its AI and ML capabilities. Transputec monitors our systems 24/7 and makes us aware of things that require investigation or automated actions. It’s proactive, removing threats before they’ve materialised.
They’ve worked both on and off-site. We have a monitoring device that sits on our network. They assisted us with the deployment of an agent that sits on our computers, and then all the data goes offsite to their security operations centre.
Whilst our security remained strong, we would probably capture 4–5 instances of accidental data risk: people have accidentally started to compile sets of data that’s not put where it should be. The software effectively identifies those occurrences. They’ve also intercepted instances of credential theft. Those were caught within three minutes, and we were able to do a rapid analysis that nothing materialised. They very quickly that the account was trying to be accessed from elsewhere in the world.
Their diagnostics and forensics have been very strong. We’re running at about 100 alerts total throughout the years. Nothing has been majorly concerning; events like phishing attacks and malware have been stopped before activation.
Relationship with Transputec
We worked with a project manager on the implementation, and it was very easy. There was also a major software upgrade in 2019 where we identified a large issue, and they engaged a technician on site to analyse what had happened. They worked with another one of our vendors to resolve the issue within 48 hours, and everything remained, up, running, and monitored.
Their after-sales services have been fantastic, and they don’t oversell themselves. After listening to our requirements, they give us a product that does what we want and more. I don’t feel like I’m paying for technical aspects of the work that are unnecessary. They matched our needs to the product at the best possible value.
Because the software runs so efficiently, we don’t have much reason to reach out to them. Therefore, I touch base with them every few months. In terms of technical improvements, they happen around once a year, but by then we’ve realised that the product has even more functionality than it used to.
They listen and are discreet, so you can be confident in confiding in them when something isn’t right. They’ve been strong for us in both recommending solutions to what we think our problems are and using their expertise to make us aware of things that we weren’t previously.
Whenever I do special bid orders – large deployments of hardware – they’ve been very competitive, efficient, and on time with them.