Your Property Management System (PMS) or RediStay holds a lot of information and most of it is important information: guest names, addresses, phone numbers, and credit cards. To be PCI compliant, we need to make sure no one compromises your PMS.

Changing Passwords

One way to protect you and your PMS is changing your password every 90 days. RediStay does not automatically make you change your password, but there is away. At the bottom of the RediStay, double click on your name and a pop-up window will appear allowing you to change your password. It’s important to change your password frequently so that others don’t try logging in under your credentials.

Logging Out of RediStay

RediStay dates and time stamps everything you do. To keep others from working in Redistay

under your credentials, make sure you log out of RediStay whenever you step away from the computer. Select Action Button F11 Logout. This way you can protect yourself from others making a mistake under your credentials. If your username is on a mistake, then that mistake will fall on you.

Credit Card Readers

It is all our jobs to make our guest feel safe when they stay at our properties. This is not only security of the room and their belongings but of their data (personal and credit card).

One area of concern for us is the credit card reader. These devices are reading the guest credit card and asking them to supply information, so they have value to a criminal. There are many ways the credit card reader can be compromised, while devices such as ours are less frequently compromised than say gas pumps or ATM machines it does happen. Some examples of credit card reader compromises are, skimmers installed on the device, keyboard replacement, replacement of the complete device, tampering with the connections or installation of malicious software.

We have policies and procedures in place to catch this type of tampering’s and audits that the GM performs. Working at the front desk gives our employees a better chance than many to catch any of these types of issues before they can be a problem. Some items to watch for are:

• If the readers look different – the keyboard looks different, the device seems to be a different size, or there is a seam as if something was put on top of the device. This could be an indication that a skimmer has been installed on the device or a keyboard overlay has been placed on it.

• If someone is playing a lot with the reader or reaching behind it for some reason.

• Someone shows up at the property saying they are there to fix the reader or do some work on the reader – IT will never send out a tech to the property to work on the device. All work is done by sending the device back to the corporate office or to the vendor.

If you are experiencing issues with credit card readers or a computer (mouse, keyboard, browser, specific sites, spyware/virus, account issues), or if you have a problem and you are unsure who to contact, reach out to Westmont IT Support.

• Email: IT.Support@whg.com

• Support Line: 713-933-0990

Use the RRI West POS Device Inspection Log to check the devices monthly. This log can be found on WEST Edge. These records must be retained for at least 2 years. For example, records kept for calendar 2021, would be disposed of at the end of 2023.

Starting October 1st!

RRI West OSHA Refresher Training 2021 will be available on WEST Edge starting October 1st.

You and your staff can now sign into WEST Edge and review the required three-part OSHA Refresher Training 2021 series.

The purpose of OSHA Refresher Training every year is to keep our employees safe in the workplace. Refreshing our knowledge and skills as they relate to OSHA allows us to re-examine work habits that could be hazardous and remind us how to avoid them. Refreshing on these critical topics shows our commit to staff and guests that safety is always top of mind.

Please complete this three-part OSHA Refresher course in conjunction with the OSHA Acknowledgement for course completion. There is also a workbook that corresponds with the three-part series.

All training to be completed by November 30, 2021. Log into WEST Edge to complete CLICK HERE.

If you or your employees are having issues logging in to WEST Edge, please reach out to training@whgextstay.com.

To ensure the safety of our hotels, it is important to know scams are on the rise. Phone scams come in many forms, but they tend to make similar threats, or ask you to send money. Please take all precautions to ensure you and your staff don’t fall for a scam.

There’s never a good reason to send cash, and we as a company we will NEVER call a property and ask for money to be taken from the drawer, deposit, etc. to be wired or sent to anyone from the company. The only people that will ask you to do anything with money is accounting if your daily deposits are missing and the only place they will ask you to take money is to your properties bank with our deposit slip.

Here is what you need to know:

• Scammers create a sense of urgency. They rush you into making a quick decision before you look into it.

• Scammers use intimidation and fear. They tell you that something terrible is about to happen to get you to send a payment before you have a chance to check out their claims.

• Scammers use untraceable payment methods. They often want payment through wire transfers, reloadable cards, or gift cards that are nearly impossible to reverse or track.

• One thing you can count on is that a phone scammer will try to get your money or your personal information to commit identity theft. Don’t give it to them.

Train Your Employees

• Your best defense is an informed workforce. Explain to your staff how scams happen.

• Encourage people to talk with their coworkers if they spot a scam. Scammers often target multiple people in an organization, so an alert from one employee about a scam can help prevent others from being deceived.

• Train employees not to send passwords or sensitive information by email, even if the email seems to come from a manager. Then stick with the program — don’t ever ask for sensitive data from employees by email.

• If you are unsure who is calling and what they are asking of you, do the following:

  • Ask for name of person calling and the company they are with

  • Ask for a call back number

  • Inform the caller that you are not authorized to provide this information or perform a task and you will have your supervisor call them back. If this is a legitimate business, they will not take offense or try to persuade you to give them information.

  • Contact your General Manager and/or RVPO. Supply them with caller information: name, company, call back number and details of the request.

  • Never give out your co-worker’s personal information, such as cell phone numbers. If the caller is a legitimate business, they should be calling direct to the hotel business number or can call back to the hotel phone to reach the manager.

• If someone calls requesting money notify your General Manager and/or RVPO immediately and complete an incident report for it to be on file whether no loss of funds occurs.

• Call the police and report it with the information you gained from the caller.