This document discusses SIHOT's compliance with PCI data security standards. It summarizes how SIHOT.PMS and SIHOT.POS help users adhere to PCI requirements by encrypting stored credit card data, restricting access to authorized users, and transmitting card data securely during payment processing without storing full card numbers. The document provides an overview of SIHOT's features that facilitate PCI compliance for credit card transactions.
SIHOT.NEWS highlights new features and international expansion
1. SIHOT.NEWS
No. 4 | February 2011 SIHOT. MARKET & INDUSTRY | page 1
>> Online YEARS SIHOT
>> 25 YEARS OF SIHOT >> Tip
Questionnaire page 4 page 6
page 2
ITB 2011 SAME PlACE – NEW lOOK
GUBSE to Exhibit New SIHOT-Version 8.1 Edition 2011
110.000 industry professionals attended the ITB last year. Once again, the international travel trade industry will meet
in Berlin from 9th to 13th March 2011. We look forward to seeing you at our brand new exhibition stand where we will
be presenting the new SIHOT Version 8.1 with a host of interesting new features.
One of these new features is a web- >> ITB
based check-in: guests pay via internet Berlin, 9 – 13 March >> CONTENTS
(secure SSL payment) and receive a
Hall 10.1, Stand 121 Market & Industry ...................... 1
code in return. This code serves as
ITB Berlin 2011
proof of payment and can be used for
other purposes, such as the automated Further Highlights Include: Product & Company ................... 2
issue of room keys. >> automatic processing of waiting lists New Features
>> customer-specific configuration of
People .................................... 2 | 3
Our new tool SIHOT.Mobile improves tabs in dialogs International, Jochen Conrad
inter-departmental communication. We >> individual database extensions
will be happy to show you how staff can >> advanced rate management Anniversary ................................ 4
call up the up-to-date breakfast list on using client-specific scripts SIHOT Turns 25
a smartphone. >> new functions for Multiple Property
Focus ........................................... 5
Editions PCI Compliance
For appointments during the show, please contact your local Tip ............................................... 6
SIHOT.System: Tips & Tricks
agent or our Sales Department directly. Alternatively, request
an appointment online:
WWW.SIHOT.COM/MESSEN
Contact ....................................... 6
2. SIHOT. PRODUCT & COMPANY | page 2 No. 4 | February 2011
NEW FEATURES
Sending HTML-E-Mails Online Guest Questionnaire The online questionnaire is another tool
An interesting new product feature is The use of guest questionnaires to ob- offered within SIHOT.System for mana-
now available for SIHOT users with a tain customer feedback is a traditional ging customer relations in a modern and
Version 7.2 or higher: as part of the element of quality management. Howe- efficient way, keeping you informed of
Sales-Module, automatic e-mails can ver, guests have become less and less what your guests think.
now be sent in HTML-format. likely to complete these forms by hand.
The alternative is to offer a more modern
To configure automatic e-mails, access approach by using the new feedback-
the respective dialog via the “Master tool.
Files” menu - “Sales & Marketing”. When
selecting an HTML-layout, the format After check-out, guests receive an e-
for sending the e-mail will be adjusted mail with a link to an online questi-
automatically. onnaire. The questionnaire’s design is
variable to ensure it complies with the
HTML-layouts can be managed in the hotel’s corporate identity. The contents,
dialog “template layouts”, where you i.e. questions, multiple choice answers
can copy, delete, edit and rename the and language options are also variable
templates. to suit each individual property.
E-mails in HTML-format are often used In order to draw conclusions from the
to give guests information regarding feedback, an analysis tool can be ac-
their forthcoming vacation or to thank cessed directly. Here you can check in-
guests for a recent stay. They often con- dividual answers in detail or view totals.
tain links to the hotel’s website and are Graphics are available in HTML, PDF and
designed to build a longlasting relation- Excel format. All data can be exported
ship with customers. into Excel sheets or Word documents.
SIHOT.INTERNATIONAl
The GUBSE staff at these locations sup- and Eastern Europe as well as the Middle
port clients not only in their own lan- East. She will also be responsible for es-
guage, they also make it possible to tablishing local agents in these regions.
react quickly to local particularities and
Over the past few years, SIHOT has latest market developments.
gained more and more international cli- To support the ongoing international
ents. To accommodate the growing de- expansion, GUBSE has recently hired
mand, GUBSE has developed its pres- two new members for the Sales team,
ence not only in Germany but also further who will be acquiring new clients and Marc Llobet
i Baxarias
afield: business partners internationally:
>> In Germany with offices in Schiff- At the same time, Marc Llobet i Baxarias
weiler (headquarters), Berlin, was recruited to support the Iberian Sales
Hamburg and Reutlingen Office. Marc is a Marketing specialist and
>> In Spain with branches in Valencia, has excellent inside knowledge, having
Palma de Mallorca and Barcelona sold hotel software for the past 11 years.
Bérénice
>> In São Paulo, Brazil with an office He will be working from a new office in
Ndiaye-Figoluschka
responsible for South America Barcelona.
>> And a new office in Sydney, Australia, Bérénice Ndiaye-Figoluschka joined the
which will look after the Asia-Pacific Berlin-team late last year. Originally from
region. France, her main focus will be Central
3. No. 4 | February 2011 SIHOT.PEOPlE | page 3
SIHOT.INSIDER
processing of tasks triggered by certa- What was your most difficult program-
in events. In addition, the integration ming assignment? Due to a little-known
of SIHOT into other systems has kept design decision in Microsoft 64 Bit Win-
us busy, e.g. the integration with SAP dows, it may happen that programme
or the interface to the Channel Manager exceptions are not triggered. This, in
via HTNG. We are now starting work on turn, may affect the programme in a
Version 9.0. way its state becomes corrupted and
difficult to debug. It was a technical
Which leads us to the next question: challenge to diagnose and deal with this
Jochen Conrad Where will the IT-development lead to situation. Those interested may find
in the near future? We have a very so- details and the technical background
For Jochen Conrad, Head of Develop- lid product which works for single pro- information in Paul Betts’ blog or in the
ment and Executive Director, program- perties as well as in a multi-property Microsoft Knowledgebase (KB 976038).
ming is more than just a job: it’s a environment. However, the require-
passion! He joined GUBSE as far back ments regarding web are on the incre- You are an active member of your tech-
as 1988 and is familiar with all SIHOT ase. This is why we are developing an nical college‘s alumni. What is your
versions, knowing the program inside additional web-based GUI for SIHOT. advice to young people wanting to join
and out. Meticulously and with a lot of Depending on the individual require- the industry? Forthcoming IT people
enthusiasm he manages to implement ment, clients can then choose which should be open for and interested in all
even the most demanding require- way to access SIHOT: by web-browser, sorts of trends; however, they should
ments. via remote-desktop or by working with not follow these trends indiscriminately.
a local installation of SIHOT. A combi- Software development requires a good
What is your present project? We have nation of these options will also be pos- deal of own ideas and creativity, not to
just completed SIHOT Version 8.1. The sible. mention a sound theoretical basis.
main focus in this version is on MPE-
and CRS-functions as well as automatic
COMPUTADORES Y DATOS
PARTNER OF GUBSE AG
The SIHOT Business Partners form a Since 2004, CD offers all-in-one solu-
network of specialists around the globe. tions with SIHOT, starting with consul-
Thanks to their know-how with regards ting, project management, training,
to local regulations and legal issues, SI- hard- and software installation as well
HOT can be easily adapted to fit into the as support and after-sales. Their long-
working requirements of the different standing relationship with DATISA, a
countries. In this issue, we introduce leading Spanish Accounting & Stock
our Premium Partner Computadores Y Management (ERP) developer, led to
Datos (short: CD). Michael Hoffmann, Fernando Torres, Stephan Rose a complete integration of the program
with SIHOT.PMS.
Premium Partners are authorised to in- accounting system in 1990, the two
stall SIHOT.PMS, SIHOT.POS and other German expats decided to specialise Service and Perspective
SIHOT.System products and to conduct in offering IT solutions for the hotel in- CD is also busy in the F&B sector, ha-
user training. dustry. From the beginning, the com- ving equipped the properties of five-
pany used a very technical approach star chain Adrian Hotels with 25 POS
Stephan Rose and Michael Hoffmann together with reliability and consistency terminals and 30 handheld devices.
founded the company in 1988 in the to attract new clients and maintain ex- Apart from the Canary Islands, CD has
little town of Chio, Teneriffe. With their cellent customer relations. also managed several SIHOT installa-
first installation of a PMS with an tions in Mexico and the Caribbean.
4. SIHOT. ANNIVERSARY | page 4 No. 4 | February 2011
The modular Information and Management System celebrates
its 25-Year Anniversary
The first SIHOT Version on a Unix platform was released in 1986,
aiming to provide hoteliers with a comprehensive and practical
software solution, based on the latest technology available. Owing
to its steady and proactive development, SIHOT.System has be-
come one of the leading products on the market.
YEARS SIHOT
Vast differences mark the beginnings SIHOT and our company GUBSE have
of the original programme designed for grown during these past years from a
caravan sites and today’s edition, which handful of computer enthusiasts to a
provides an all-encompassing solution workforce of 90 committed and highly-
for modern hospitality management. qualified staff in nine offices worldwide.
Nowadays, SIHOT fulfils the require-
ments of boarding houses, youth hos- 25 years of SIHOT stand for unique
tels, hotels and chains of all kinds and flexibility, stability and success. They
sizes alike. include the ideas, critique and back-up
of clients and users who are suppor-
In order to meet these requirements, ting our endeavour to maximise the
SIHOT.System consists of 16 modules program’s potential at every stage.
to complement the SIHOT.PMS as needed. This input enables and pushes us to
provide a product of the highest quality
Technological advances nowadays allow possible.
for the basic installation of SIHOT.PMS
in a mere 20 minutes via remote con- 25 years of SIHOT is a long time - espe-
nection – the early Unix version took cially in an industry as changeable as
an entire day, an array of floppy disks the IT business. We are, therefore, very
and tapes. Also, data bases have grown proud indeed to have come so far. They
in size from a standard of 20 MB to an shall serve as a motivation to conti-
average of 10 GB. Efficient data storage nue developing SIHOT along-side the
facilities and improved data processing technical innovations of the present and
have made it possible to manage these future.
vast amounts of data in fractions of
time. This also affects the IT-structure 25 years of SIHOT are also marked by
of hotel chains, which tend to move a great number of longstanding and
their installations to one central server interpersonal relationships with our clients,
rather than maintaining a local server which are very much appreciated. The
in each property. team behind SIHOT is looking forward to
many more mutually successful years.
5. No. 4 | February 2011 SIHOT.FOCUS | page 5
PCI COMPlIANCE
The subject of “PCI compliance” is im- Handling the PCI-Require- the required data within the local net-
portant to most SIHOT customers. It ments in SIHOT.PMS work or on the same server (depending
is the mandatory global security stan- SIHOT.PMS features a number of me- on the provider) to the electronic pay-
dard of the largest credit card com- chanisms helping you to adhere to the ment provider. The latter must ensure
panies which was introduced in 2007. PCI-requirements. encrypted transmission for confiden-
PCI stands for “Payment Card Industry tial data on open, public networks ac-
(PCI) Data Security Standard (DSS)“. Protect Cardholder Data cording to PCI-standards.
It states precise procedures for dealers Protecting cardholder data means that
and providers working with or proces- data must be stored no longer than ne- Access Control
sing credit cards, to help facilitate the cessary and that access must be res- Access control calls for mechanisms
broad adoption of consistent data secu- tricted as much as possible. Also, any limiting the availability of information
rity measures on a global basis. stored data must be encrypted at all times. or information processing resources
PCI compliance, i.e. the verifiable ad- SIHOT.PMS stores the credit card num- to authorized persons or applications
herence of a company (such as a hotel ber as well as the expiry date only for only. This mechanism is incorporated in
or boarding house) to these procedures the duration of a transaction (starting SIHOT.PMS in form of user rights.
is being checked by the individual credit with the reservation up until settle- Access to credit card data stored for
card companies. If standards are not ment). The CVC-number is not stored. the duration of a transaction can be
being followed, the credit card com- After completing the transaction, the controlled within SIHOT.PMS by gran-
panies are entitled to cancel the co- programme PCI Compliance overwrites ting different rights to different user
operation. the card number and expiry date. The Pro- groups.
The number of transactions determines gramme database clearance deletes the
whether a hotel has to be tested or data. Applying PCI-Standards
certified. As a rule, a dealer processing An AES-algorithm is used to encrypt the in SIHOT.POS
less than 20.000 credit card payments data while it is stored in the database Any outlet connected to SIHOT must
per year must comply with the stan- during the transaction. fulfil with the same standards; there-
dard; however, a certification is not The log-files of the system never show fore, SIHOT.POS has been equipped
compulsory. a complete credit card number. The with the necessary technical require-
The requirements of the DSS are di- number shown includes only the last ments to comply with the DSS.
vided into 12 points. With regards to couple of digits, the number of which For example, the card data read by the
our applications SIHOT.PMS and SIHOT. is defined in the SIHOT-registry. POS application is transferred to the
POS, we support our clients actively The same registry-entry also deter- interface module „RMSPAY.DLL” with-
in applying the standards by ensuring mines the number of digits to be dis- out being stored. The module formats
the software adheres to the following played in different dialogs, printed mat- the data and transmits the same to
requirements: ters and data exports. SIHOT.PMS. There is no storage of the
Another registry-setting determines request outside the module. Also, the
>> Requirement 3 whether or not and for how long the card number is encrypted on the in-
Protect stored cardholder data credit card data is being stored after a voice as well as on the invoice copy
transaction. The data is deleted during stored in the system.
>> Requirement 4 the night audit with the running of the
Encrypt transmission of cardholder programme “database clearance”.
data across open, public networks
>> Requirement 5
regarding access control measures
The remaining requirements fall into
the responsibility of the integrator of Display of card data in the guest profile
the system.
Encrypted Transmission Checklist
SIHOT.PMS does not transmit confiden- To ensure that your system is confi-
tial cardholder data across open, public gured to meet all PCI-requirements,
networks. For online pre-authorisations a checklist can be provided on request.
and payments, SIHOT.PMS transmits
6. SIHOT.TIP | page 6 No. 4 | February 2011
SIHOT.SYSTEM: TIPS & TRICKS
Accounts as of V.7.2
In addition to the description, a com-
ment can be added to a posting on a
bill. Select “description and comment”
from the invoice text combobox and
enter a comment via context menu.
Listbox showing the comment in a tooltip
Quick-Start Bar as of V.7.4 Event Reservations as of V.7.2 Dashboard as of V.7.2
There is a quick-start bar at the left side The event reservation immediately Use the dashboard function to open
of the SIHOT screen, which enables you shows the appropriate icons for orderers specific dialogs automatically after log-
to quickly access frequently used dia- who are blacklisted or on prepayment. ging in to SIHOT. This is a user-specific
logs, programmes and reports. function, so you can select exactly those
dialogs you are accessing most.
As standard, quick-start bar contains To define a dashboard-dialog, click on
the following directories: the SIHOT-icon in the header of the
respective dialog and select the com-
>> Recently used: Shows dialogs, mand “dashboard active”.
programmes and reports used
lately. This is a history of approx.
29 entries, depending on screen Event reservation:
configurations. blacklist and pre-payment
>> Tools: Directory containing pre-set
sub-folders for links, favourites and Turnaways as of V.7.2
remote support. You can call up a turn-away-dialog to
quickly record any rooms that the hotel
was unable to confirm due to rate res-
trictions or a high occupancy, for exa- Dashboard
mple. The dialog can be called up via
the Front–Office-menu or via the cate- >> SIHOT.NEWS IS
gory rack. Mark the category and the PUBlISHED BY
dates, enter “t” and the number of GUBSE AG
rooms rejected. Bahnhofstraße 28
D-66578 Schiffweiler
Using the reservation search functions,
phone +49 6821 96 46-400
you can specifically search for turned-
Quick-Start-Bar away reservations during certain peri- Order online:
www.sihot.com/newsletter
ods. The turnaways can also be shown
Apart from the standard folders, you can in the report “summary (year) availa- Issued quarterly
add further user-specific directories and ble/occupied”, where they will then be
Editor
sub-directories as required via the context listed in the “occupied”-column. Christine Ethell
menu. Then, call up the dialog to be added Marketing/Documentations
to the quick-start bar. Click on the SIHOT-
layout/Production
icon for the system menu and select www.hoch4.de
Control Panel: Add.
The quick-start bar can be (de-) activated
in the “windows-menu”.
Turn-away dialog
www.sihot.com