Case study: Malware checkout
Case study: Malware checkout

A hotel chain sought relief from malware on its workstations throughout the United States. Greg Masters reports.

In the hospitality industry, it's all about a comfortable and efficient experience for the customer. It's vital too that guests feel pampered and well taken care of. So, when the IT staff at Thayer Lodging Group began having some challenges with its computer network owing to malware attacks, too much time was being diverted to cleaning out the infections and maintaining the integrity of the operations. Any possibility of a speed bump in its level of service to both its customers and the staff handling operations just was not on the itinerary.

Thayer Lodging Group – an Annapolis, Md.-based, privately held hotel investment company owning or managing 18 hotels mostly clustered on the Eastern Seaboard, but stretching as far as California – is fairly sizable. Its IT department, consisting of just a few people whose purview extends from the data center to the TVs in 4,429 guest rooms, was swamped. In 2007, the team started accelerating Thayer's move to virtualization and the cloud, but as of late 2010 it still hosted its endpoint security in-house. The software was neither centrally managed nor effective, and the result was a lot of workstations with malware. 

Plus, on more than one occasion, the software harmed the computers it was meant to protect, causing the servers to freeze. After this happened a number of times, Mike Dickersbach (right), vice president of information technology for Thayer Lodging Group, started looking for a fix to the problem. “We needed a solution that would not only secure the endpoints, but also help Thayer Lodging comply with centralized reporting, event logging and other Payment Card Industry (PCI) rules,” he says.

The goal was to reduce the overall time spent fixing glitches and lessen the aggravation from end-users coming up against issues with their computers. Additionally, Dickersbach wanted his team to be able to manage network operations from a central point.

Along with his network engineering team, he looked at a number of traditional anti-virus products, but all of them required a server install of some kind in order to monitor and push updates. Symantec, he says, provided the only product that offered truly cloud-based management.

He received a beta version of Symantec Endpoint Protection.cloud, and, when the service became generally available in early 2011, extended it to all 150 endpoints in the company – physical and virtual servers, laptops and desktops.  Costs and management of the product were key factors, he says. “It was less costly to deploy Symantec's solution than it was to keep deploying a traditional AV product.”

Symantec Endpoint Protection.cloud includes advanced technologies that help protect systems without requiring additional hardware, management software or dedicated IT staffing, says Andrew Singer, director, security product marketing SMB and Symantec.cloud at Mountain View, Calif.-based Symantec. Automatic security updates occur transparently over an internet connection, enabling systems to stay current with the latest updates. As well, laptops and desktops receive intelligent scanning technologies that help maximize protection while minimizing impact on system performance, he says.

A subscription fee replaces upfront expenses with affordable, predictable costs, he adds. Plus, the solution is fast to set up and implement and can be deployed to clients via standard download, email invitation or silently can be pushed to a network. “The service is efficiently managed from a central web-based management console that is accessible from an internet connection, and administrators benefit from pre-set security policies and report templates,” he says. Upgrades occur automatically and new features are introduced frequently – and included as part of the service, Singer says. Further, the service can scale to incorporate new endpoints without requiring additional hardware or management software.