Hello everyone and welcome to Hospitality Marketing the podcast, I am your host Loren Gray and this is episode #265 where each week we spend around 20 to 30 minutes sharing the most interesting tools, news, and techniques being used in marketing for the hospitality industry. We also do a quick recap of our weekly Live Video show “This Week in Hospitality Marketing” which also airs every Friday at 11:30 am Eastern US Time.. SO let’s get started;
Remember — you can find us on Google Play / Apple iTunes / iHeart Radio / Soundcloud / Stitcher / Spotify / Pandora / Tunein / Pocket cast / Breaker / ACast and the list goes on, 38 and counting to be exact. We’re even on Amazon’s Alexa, Google Assistant and Siri, Just ask to play “ The Hospitality Marketing Podcast” No matter which one you may use, if you like the show please rate us and leave a comment. That will help others find our content. Also if this is your first time hearing us, you can subscribe to our show on any of those 36 platforms as well. For an archive of all previous podcasts, you can go to hospitalitydigitalmarketing.com/podcasts and don’t forget our live video talk show that you can join and participate in every Friday at 11:30 Eastern US time, called “this week in hospitality marketing The live show”. simply go to http://www.hospitalitydigitalmarketing.com/live/ Thank You for the privilege of your time. Talk to you next week!
Hospitality Marketing the podcast Show 265 Transcripts (English U.S.)
Announcer — Welcome to this week in Hospitality Marketing. The podcast show number 265 with your host, Loren Gray.
Hello, everyone, and welcome to hospitality marketing the podcast. I’m your host, Loren Gray, and this is episode note for 265. So each week we spent around 20 to 30 minutes sharing the most interesting tools, news and techniques being used in marketing for the hospitality industry. We also do a quick recap of our weekly live video show this weekend, Hospitality Marketing, which also airs every Friday at 11:30 a.m. Eastern U. S time. So with that, let’s get started.
Announcer — And now today’s new resource tool.
So our tools from review this week are a little on a self-inspiration side, and you’ll see why it is the beginning to the technique of the week, and that is security tools. Password tools were at a time of year where we reflect upon what we’ve done historically. And of course, we’ve had the tragedy of our year this year industrywide for covid for 2020 and it has thrown us into a whole disarray is how we’ve handled things, what we do for things but It also has presented some unique issues and problems, one of which is the voids that it has created within our team system and the holes that it presents within our security systems.
And for that reason, I would like to talk about three tools that I’m familiar with firsthand and work with on a regular basis. And I’ll talk to you why I’m bringing this up in today’s conversation. The first, and I use this for my own personal security, and that is one password dot com the numeric one password dot com. I use this between myself and my family to over and coordinate all of our passwords. We found ourselves repetitively using similar passwords so each of us could long into different accounts.
It was one of a handful of passwords that we would pick from. Unfortunately, that creates a huge security issue. You can look at any Pinterest platform as to the time it takes for a hacker to cut through Ah, word only or word with one number or word with four numbers, it’s almost instantaneous. How fast they can find a password based on your old address is your old passwords, passwords they bought off of the dark Web things that use over and over. So we had worked into a system where ah lot of our familiar or regularly used unit are you.
Platforms had similar passwords. And then, for all the ones that we just touched once in a while or what have you would we would use some password code encrypt our like some jilted ish kind of thing problem when we kept that on the list. Problem was, of course, of anybody get to the list, they would have access to all those things as well, but also all of our really important passwords like phone number of phone systems and and email accounts and so forth. We’re all very, very similar, and that creates a huge issue.
Should they get hacked because then literally, those control systems of your email and your phone, your cell phone and so forth, which is used for authentication so forth get out of your hands. And that’s very, very, very, very dangerous. So he decided to instead change and use one password for everything. We keep a relatively robust one password password for a password account that we do try to frequently change. Ah, and from that we go over and then allow for the one passport to generate passwords using multiple letters, basically 10 10 units or 10 10 characters with a combination of capitals, lower cases, new Merrick’s and symbols, and that will make it that most systems take up to five years to be able to crack that kind of password.
So happy for us in that sense. So that’s what we use for our imports, because there is a business version of this, which is by bringing to everyone’s attention, you can create a business version of one passport. It’s a very robust system, very good, very user friendly. However, it’s also it takes the money. I think, around $50 for the account and you paper user honest. If you have numbers of people on the rela pricey pretty quick when it comes to that the second tools robo form that I use for business I was able to, unfortunately by one from AP Sumo Lifetime one, which allowed me to create a corporate account for it.
That’s very, very, very useful. I use that as a selling point, actually, with my clients that whenever we get access is to the platforms that we need for their their company. We put this into roboform with Ace, the caveat being that only certain people on our team would have access or be given access because of their need to to get to those accounts. And all of their user name and password were desperate. Nothing but be a series of dots, so they would never actually truly see the user name or password.
Within that account, they would only be able to go to one perform and looking for the account of the need access to click on it. And then it would also fill and go to the website or access portal that it would needed to go to, and they would never actually see that stuff. And once they no longer needed to be having access to the account, we simply take off that authority from them, and they would never have been able to see it be able to take it, be able to copy it.
And, of course, then we restricted in access ports. The roboform is very, very good with that and similar line with that, and it’s a very well used platform also is last pass dot com. This one also is great for corporate. It has a lot of value proposition for the same reasons you can create. Multiple users limit their visibility as to what they actually see. An accessibility. You don’t have to worry about King in, ah, a variety of users and then having to extract them from the platforms.
Very useful tools. Well, so those are three tools this week. One password dot com robo form dot com and last pass dot com. And that brings us up to our technique of the week.
Announcer — Now for this week’s hospitality technique.
So our technique is “securing yourself in your organization against hacks”, and I bring this up because, well, recently we got hacked. At least our Facebook been a business manager account got hacked, and I’ll explain a little bit of details of that. But one of the things that we’ve learned from this process as much as we secured ourselves there are still leaks that we can’t control things that are connected to us via other accounts that we don’t control that influence our accounts and through our account access in turn, can be damaging to our client’s case in point, um, with even double authentication required to log in tow, our business manager accounts, we try, and I would highly recommend that you do double authentication of as annoying as it is or is inconvenient.
As it is, it is critically important that you create as many thresholds that are allowed to you to increase your security for accessibility. Now, one of the loopholes that we found from this process of getting half for 1/5 our Facebook business manager, was the fact that an old employee address that was never closed down by a client was had that did have access to their business manager count, which in turn was connected to another business manager account, strangely enough, for through another Employees email address that was connected to our clients Business manager account, which was connected to ours very robust.
I mean, from the hacking perspective is like, Golly, they were simply going for the ad sets at AdWords. Accounts are true today. Edwards accounts with Facebook ad accounts protect credit cards on them now nicely. Facebook, of course, as well as all other companies don’t keep track of credit card. So it’s not as if they hijacked the credit card. They did hijack the usability of that credit card. In the ad set campaign for that client, we noticed a Chinese add built on one of our client accounts that should not have been built on our social account that were like my team member was flagged, that an ad set was made.
And of course, that raised suspicion with him. And I got notified that our backup credit card to our client was charged. And so we go in and we saw this ad set and we’re like, Well, that’s not ours. We went to turn it offices. We turn it off that trigger to whoever this hack was that we had found them well, unbeknownst to us, because we didn’t look first further, they had already made themselves at Mons to our business. Major count via email, which supersedes the secondary, said a second authentication process, two step authentication process, and as soon as they saw that were in there, they took us out.
As Admin in the finance. We couldn’t control the finance, which means we no longer control the credit cards or the accounts on those credit cards, which was dangerous, cause then they just blew up. Putting a lot of Chinese ads with Jim shirt was sent to business to generate revenues on traffic or revenues on affiliates or whatever was the monetization model that was at the expense of our credit cards that were on file for our ad accounts. Fortunately, we had good connections with Facebook. Fortunate Facebook was very responsive.
Fortunately, if you have that issue, go great directly to the Facebook chat for business support or AdWords support or add support, and they’re very cooperative. It took about 48 hours for them to shut down the accounts. They immediately paused. Everything shut Everything off the dead tree was is that it turned off all of our campaigns and accessibility to control any campaigns for our clients for that duration of time, which meant lower productivity for us. Plus, the dreaded calls declines to say. Please know that this is going on S O. That was painful to say that that has happened.
Fortunately, our clients have such respect for us. The first thing responded to is, ‘Hey, if it can happen to you it can happen to us’, which was very thoughtful. In that sense, everything was refunded back and credited back, and it really was good. And we re balance everything out and we eventually get back in control of all of our AdSense and AdWords accounts for Facebook and so forth. But the loss of productivity is the painful aspect. Theme. The fact that we were down for so many days to go over and get that process and taken care of by Facebook.
They wiped out our business manager account and so that you know some rules when a new admin replaces or shuts off. Another admit it takes off seven days before that turns permanent. And the hopes that they that you don’t find out that they did that to you and they literally hijacked your business manager account. And now you have no accessibility and no reference to Facebook to be able to do this, and it creates tremendous danger for that. So it’s always good to monitor and set of notifications on your Facebook business manager count of any changes that are going on your accounts so these things can get discovered early and fast.
One thing we learned from now on, should we ever ever see that there’s something abnormal about anything that’s going on in any of our ad accounts for any reason. The first thing we do is if we can still have access to our method of payment, go in and rip it out. Take it off. You can always put it back in later apologized to the client that ever put it back in whatever or yourself have to put your own account back in. But it is better to rip out the reason that they’re there, because even if they do take you off administrator and everything else to it, at least they can’t damage the method of payment or exploit the method of payment for that.
Now, they didn’t touch it in the pages that the business measure had account to, they weren’t out to hijack percent of pages of businesses. There was simply there to exploit the credit cards that were on file for ad campaigns, so we learned a lot from that. So my recommendation to all those of listening first go in an audit as anyone should the access abilities or current access abilities to your systems. I would first go into anybody that was previous employees or anyway, that had email accounts with you and purge or redirect all of those accounts to a catchall catch.
All email is literally anything that somebody puts before the at your website domain dot com, and make sure that the gig that goes in there so that there’s no verification authentications use abilities of that. I would then next step go in and see accesses to any platforms, such as business managers, such Azad accounts such as any of those things that require payments on it and to see who genuinely has access to that. Now that might be one step back as to who has access to the master email account.
Now, let me explain that now, when we set up our accounts not to have a client give five or 10 accesses to each of their accounts because I want each of my team members have access to it. We provide a universal email address that’s used for our clients, and we ask that that email address be added to their access list when it comes time for accessibility to their platforms and from them. One email address. My team members have the ability to you go in and log in as that one email address, and then from there, go use the password to go in and add and log into whatever they need to log into We control who has access would change the password to that email address all the time, especially after any time we remove somebody or add somebody really, actually remove him, adding them.
But we don’t really changed right after that he had owned, but we try to change it on a persistent basis so that that way we don’t run into the red of also being discovered with a password is usable. But we used the encryption one for that, and that is also hidden from our users so they don’t actually see the passport for Army. They just know that it’s there when they go into R one R robo form and click on to it to access that email account to move forward.
So there’s that. I would also recommend that to the two factor authentication, always with everything for it. I would also say that we’re going through all the paid platforms as to who has accessibility to shut off anyway. That’s not currently there, And I would also go over and say as a regime, anyway, that does have current access forced the 30 day renewal of email of passwords. Remember, with this process is a bit of a pyramid to this. The higher up the pyramid, the higher the control factor of a hack.
If they’re simply accessing an account, get into that one account that you can only damage that one account. But if they go higher up and they can actually control your email, then they could do password resets verifications through email. And if you’re not watching your email that runs that, then you run into trouble. Somebody hacking you in you not being aware of it until it’s too late and they’ve taken you off that email. You can’t control resetting passwords or verification processes, and the highest one above all of that is, if you do two step authentication is accessing your cell phone with the authenticator on him.
Now, I haven’t understood completely why, I mean to a point. I understand. But also I wish there was other ways around it. They only allow for two factor authentication one unit like your phone to be the two factor authentication source, and I understand that that restricts the ability for people to steal an iPad or our laptop or whatever. They might have it also on it. But if they get your control of your phone account and can get into your phone and literally change access that you can’t verify that it’s your phone to fight the fact that office and you’ve lost control of your phone.
And this happens with Verizon, T Mobile, ATT, all the time that if the hat can break into your phone account and take over your phone account and then in turn reassigned the verification platform to whatever they want to their phone, perhaps okay, another phone turned the SIM card change literally. Take your phone away from you. Okay, imagine how scary that would be, and from that they can now go in and change your passwords. Get into email accounts. They’ve literally become you, and there’s no there’s not no way.
But it is almost near impossible to convince ATT. T mobile, Verizon that you are who you are compared to with all of the people. The person on the other end of stolen your identity, saying that they are because they have all the information now, everything about you they can mimic everything about you that you you say you about what yourself They can go in and find out that exact same information saying, no, this person is not dying the real person, So you literally can use your lose your identity.
Remember, the apex of this problem is truly a phone. So if you’re ever gonna change persistently a password on anything, it is your phone system. Persistently consistently change it, require authentication, required things that aren’t in your phone that need to verify that you are the phone owner. Don’t put them in your phone. Now, the nice part of all these platform these tools I mentioned to you earlier one password will perform and last past is you can’t keep it so that unless the person said person hijacked your phone and that application is on your phone.
If they don’t have that password to get into it, they can’t really dive in okay and steal so much more. So don’t use the same password for your phone that you use for that because that’s an easy one for them. to figure out. Okay. Also, try not to use the same password for your emails that you use for a phone. That’s an easy one to figure out all of those things and also is a reminder. You know, it’s so convenient to save passwords into your browser. Well, as soon as they hijack your email address, they’ve hijacked your ability to all the passwords that associate with the browser for that email address.
So if you’ve added that all into your your chrome or safari or whatever, have you and they get on your phone and those air in that phone, Okay, then they now have those passwords as well, even though you may have put them in one password thing, you safe. If you’ve duplicated that on your phone, they see me on your on your computer or on your browser’s. Then they have the same access is, and it really didn’t help you. So very dangerous stuff in that sense, and there are there are out there.
They’re constantly out there. It’s a constant barrage of attack for you. So highly recommend that while we go through this budgeting and also the transition of and looking at the fact that we’ve transitioned so many of our team members and unfortunately, have had a lot of them go and so forth. This is the time. And remember what vendors you still leave connected to your accounts. They may not be your current vendor, and you may not have any good, but you may still have left them connected to this.
I unfortunately keep reminding my previous clients that I’m not doing anything currently with because I do things on the demand basis. Take me off your systems. I can always get put back on, but take me off of your systems so that you’re limiting your exposure to anybody being able to break into your systems, and you’d be surprised how little of that is actually done. A persistent quarterly audit of your accessibility to all of your platforms is a mandatory requirement. All marketers. Oh, I t people, security people.
It’s just it’s a fact of life now. So there you have it, securing yourself and your organization against hacks, and now we get into,
Announcer — Now this week’s hospitality news that you should know
We had a great life show. As always, we had lots of hosts this week, which was really a pleasant surprise. We have lots of us every week, but we had actually 11 talking heads on the screen at one point, which is I didn’t think that the platform can actually handle it, But it did. We had 10 co host of Other Than Myself, which with us was, ah, first time talking hand co host, dear friend of mine from many years ago.
Many years, actually. And that is Richard for our from for our consulting. He was vice president of franchise owners for Marriott from many, many, many, many years stepped away from them. oh, 10 years ago. I think it was or thereabouts, very talented man, great to have him on the show. Also with us was Adele Gutman, who just wished inspired her aspiration reputation, management, aspire reputation management, which, truly for anybody they could put the top four New York hotels on the map in trip advisor and consistent. Keep them for many years in a row, knows her stuff been handling from three and six out across the pond over in northern England.
Stephanie Smith, Chicago Marketing. Tim Peter with Computer Associates. Dan Michael Waxman with sous Ito, based on Hawaii. Tristen Heywood, also with three and six. Dean Schmidt, with search marketing and Baseline Base Camp Meta, who will both teach and do your medicine requirements. Ah, Stuart Butler with fuel travel and Mr Everson owns with Flip, too. So we had a great diversity of of co host. As always, we had a very nice, long open discussion that Richard actually kicked off, which was the state of the industry and what it looks forward to when he gets beyond 50% occupancy.
When we say by that is because of what Tim brought to the table that right now, even in mid 2022 it is not expected that at least 50% of the current travel market is still willing to travel regularly, which means, technically speaking, that 50% of the man is still not gonna be there two years from now. So this is a long haul proposition for us. This is a long slog, rebuilt and because of that market share, an octopus season, as we talked about on we all know from client communications or yourself.
No, you can’t operate a profitability of 50% ocracy when I brought up the conversation that we have to maybe rethink what we consider to be accepted numbers where maybe some can’t drive profitability. Maybe sustainability is really the market we have to redefine for ourselves and not worry about not be ableto too Degra date or something. The thinking that because we’re not being profitable, maybe sustainable is what we can do way. We margin ourselves just to pass the ability of being able to pay all the bills that are coming along and keep ourselves in existence until that profitability can be returned through strategic growth.
Not that that’s the pleasant thought to this. But as we’re in the budget season right now, that is a reality to this. If this is a long haul proposition in our environment of hospitality that we have to decide how we sustain ourselves in that market and keeping our old goals private, pre cove it as you know, we need, you know, 7% margin, 14% margin, 1% margin. Whatever it is, just may not be realistic with when we’re running a 50% demand. So that’s where we have that conversation. Was great conversation, highly working when you listen to it.
Um, we all start about what the brands are capable to do to help their properties and what they’re not doing, what they should be doing. Ah, lot of limitations as to what they’re offering a lot of opportunities. What they could be offering. I have been an out spoken critic of brand. It’s apparent by how they’re losing hotels, how they’re losing trust and other losing market share because of their ineffectiveness, the furloughing 44% and up of their entire internal team and not providing service baby basics to the brands but to the hotels.
But the Hotel Stover is still required to pay the same billing and fees and percentages is, to me convoluted, unfair and upside down. And that’s making a lot of owners and franchisers reevaluate their brand relationship, the value proposition of it in the both short term and long term, and what other options that might be considering to maintain their hotels operational capability. So we had some good discussion about that. We’ll start about how our vacation rentals and Airbnb reflecting their growth compared to hotels recovery. We had a bit of ah split on this as to maybe the overemphasis of Airbnb success compared to what hotels are doing.
And I was on the other side, which was Everybody is highlighting. The success is that we have so tell your should be having. Not that we can do everything that Airbnb years are doing and vb ah Rose are doing for their their inventory. I’ve recently talked about my experience going into a Viet vo of North where literally picked it because of the fact that we wouldn’t be running into a lot of people. Elevators and halls and so forth. Not there. Isolation, our own kitchen. Our capability of having our own space and be able to get out to an area without having to go through a crowd of people or share it with other people was a prerequisite to our first foray out from the house since all this started.
Um, there’s our first step away, so to speak, way had stayed. No place else. We always were around the house. We took a little road trips and so forth, but we never stayed overnight anywhere we come back that same day. This is our first chance to get away for a few days and that was our requirement. Well, how can hotels tap into that? There is a 70% plus latent demand toe our market. We’ve already talked about the fact that still, even after a long period of time, 50% of that is still not gonna be making regular travel decisions even though they’re interested in they’re not.
They don’t feel like they’re going to be doing something like that. But there is the opportunity to convince people if you do it well with content and answering questions and truth and honesty and examples and validation that you can get people to maybe make the decision to come and stay with you and we’re all competing against each other is terrible is to say, as much as we are competing with the perception of travel in the value of hospitality to the world at this particular point. We also had a really phenomenal point counterpoint discussion between Dean Schmidt and Stephanie Smith as to about medicine.
It’s the pros and cons. That was because Stephanie released an article which you know I don’t completely agree with. But she made some very good valid points as to the lack of value for medicine for brand or any hotels at this particular point because she was talking about the lack of incremental value to this. And then Dean was very good being the medicine expert that he is on countering what a lot of those points would be. And, yes, there is the of the lack of incremental ITI to a certain degree.
But what you also have to calculate into it is the value of unrealized revenue by them. Money mean by that is the lack of having paid commissions for third parties and the ability to make presence of direct channel were where you were before and that value proposition of those as well. That was a great discussion of that as well. So the article that I want to talk about was actually not shared by Robert Cole on his Fabrice the curated list that you have always the ability to sign up for free.
Simply go to Billy B. I. T. L Y Ford slash rock Cheetah All lower case, no space. And from there you can sign up for his newsletter. That we use is a baseline for our topics and discussions during the week, including our car guest co host that come join us. But this article was from Otay insights dot com on their blawg, and that was how to forecast with confidence at your hotel. And what I enjoyed about this was it was a nice, rational breakdown off being in the budget season that we are and forecasting being so a critical of what it is that you need to be able to do forecasting.
Because right now everybody’s just shaking there, going, Oh, I can’t do it. It’s not like you’re right. It’s not like it was before, and they made that very clear in The article we used to forecast on a say 30 day basis, we were forecast, would keep our forecast up to dates with actuals and so forth. But pretty much we would be rolling over forecasts on a weekly basis on a 30 day forward mentality that doesn’t exist anymore. It’s almost a daily forecast in daily impacts in daily variances, and they talked about what you need for current market data.
Past performance data, future performance data. Um, how can you do these things? And one of the key elements that came out of this and one things I would like to add to what it says. It is no longer just revenue software and revenue data that is so important in this forecasting model. You need marketing inside your marketing data. You need lead times, Discovery Times discovered. One is I’ve talked about it many, many times when I was able to tour with the HSM as rocket program in 33 cities around North America was the convergence of revenue management, marketing and sales to reflect and share the date of the each of them share with a common K P I for common goals is really the solution process that is reality. Now.
It’s no longer discussion points, not about what if and when. If you’re not doing it, you’re losing market share. If you’re not doing it, you will not stay in market. If you’re not doing it, you will not succeed. It is a mandatory requirement of a car of our current industry from now going forward that there is a collaboration, cooperation and symbiotic relationship between these those three entities and is critical component. This article did a wonderful job of reemphasizing that as well. So the article is ot eight sides dot com.
Um, but they’re blawg, which is how to forecast with confidence at your hotel, said it. That’s our news and show review. Remember, you can find us on Google Play Apple iTunes I heart radio sound called Citrus Spotify Pandora Tune in the list is 38 9 38 platforms and counting. You can even find us an Amazon. Alexa Google assistant in Syria, just asked to play the hospitality marketing podcast and no matter which one you may use. If you like the show, please write us and leave a comment. We love to hear your feedback in insights and, of course, any suggestions you have as to what you would like to hear on the show and place.
It helps others find our content, which hopefully you’ve enjoyed as well. Also, this is your first time hearing us. You can subscribe to our show on any of those 38 platforms as well. For an archive of all previous podcasts, you can go to hospitality digital marketing dot com, forward slash podcasts That’s within S. And don’t forget our live video talk show that you can join and participate in every Friday at 11 30 Eastern U. S. Time called This Week in Hospitality Marketing The Live Show and for that you civic and go to Hospitality.
Digital marketing dot com forward slash live that you can either register or play back any of the previous tour in 65 shows that we’ve been doing for now in our seventh year, and we are in 32 countries. We translated in 10 hours, seeming 11 languages, English being one of them that we play back for. And we also play that in a variety of time zones for the 32 countries as well, so that everybody gets it not at weird hours, and we thoroughly enjoy ourselves with 25,000 people a week. So again, thank you for the privilege of your time, and we look forward to talking to you next week.
Announcer — You have been listening to this week in Hospitality Marketing, the Podcast show 265 brought to you by hospitality Digital Marketing in support of the HSMAI, the Hospitality Sales and Marketing Association. International rights reserved, copyright, 2020