SAN DIEGO -- Fortune 500 companies are among the firms that retain iJet Intelligent Risk Systems to help reduce risks for traveling employees, and yet, said Bruce McIndoe, iJet president, "only 20% of them take security into account in their hotel programs."
But, he told delegates to the National Business Travel Association convention here, "if you tell your staffers what hotels to use, this is your liability." He said companies have a "legal and social obligation" to provide safe accommodations for employees.
He noted that every time there is an attack on a hotel, such as last year's attacks in Mumbai, India, the security issue is top of mind among corporations for about three to four months, "then it deep dives."
In fact, he told delegates, terrorism isn't the biggest issue, despite the horror of the incidents that do occur. The real issues, he said, are fire, security from theft or other crime and even computer security.
Firms must vet hotels for fire and general safety and security, McIndoe said: "At a bare minimum, look at fire protection and fire suppression."
As for cyber security, he said 20% of U.S. hotels have unsecured WiFi networks.
McIndoe said his firm profiles thousands of properties, and "37% of those outside the U.S. don't meet minimum standards." On the other hand, he said, Western-brand hotels do have basic standards for safety, clean water for drinking and swimming, safe food and fire protection. With their restaurants, gyms and Web access, these hotels also keep guests off the streets in the less-safe cities.
"Do you want to give up all that infrastructure?" McIndoe asked. "If so, do your due diligence" on the off brands.
The NBTA provides a list of 55 yes/no questions that companies can ask hotels to answer as a condition of doing business. McIndoe said the form is a "starting point," but the drawbacks are that it is self-reporting, and the individuals who handle the forms might not be fully informed.
He told delegates there were other options for deeper analysis, relying on consultants or security services.
He suggested requiring hotels to fill out the NBTA form, requiring minimum fire standards everywhere and focusing more heavily on hotels in higher-risk locations.
McIndoe shared the NBTA stage with spokesmen who know quite a bit about high-risk locations.
Among them was Scott Maxson, director of corporate security and safety for Hewitt Associates, a human resources consultancy based in Lincolnshire, Ill., with call centers in India. Maxson said his firm began to build a security risk management system in 2007. It paid off when terrorists launched their attacks in Mumbai in November, he said.
Hewitt had a call tree in place, Maxson said, for use in finding all staffers in case of emergency. He said Hewitt had accounted for all staffers within two hours after the attacks began.
As for employees who were traveling, he said, Hewitt learned it had solid data on air travel but did not know where everyone was staying. "We had leakage," with administrative assistants doing the shopping or locals being "host-like" in arranging hotels for visitors. As a result, Hewitt could not find staffers quickly.
Maxson said Hewitt now has a training program for administrative assistants and is looking at traveler training for those taking international trips.
He said the company had replaced the call tree with an automated system, and it is communicating more with staffers with emailed pretrip briefings and alerts that can appear before, during and after travel.
Jay Galindo, Marriott's security director for the Caribbean and Latin America, said the JW Marriott Mumbai was already at red-alert status before the attacks. Security was tightened further out of concern that the property also could be targeted, he added.
Marriott has been the target of such attacks because "we go to high-risk places, like Kabul [Afghanistan] and Iraq, because the U.S. embassies want the properties," Galindo said. "So we take all the measures we can."