WELCOME TO DOCOMO INTERTOUCH – ENHANCING GUEST EXPERIENCE
DOCOMO INTERTOUCH
Home   |   Contact Us 
Achievements
Home / Achievements
INTERTOUCH - MAKE THE CONNECTION
HP Security Evaluation

HP

interTouch Strengthens Service with Security Evaluation and Verification by HP

“We expect the HP assessment to have a positive impact on our business, as we expect our customers all over the world to be receptive towards interTouch in providing the assurance of high quality, secure and reliable services.”

- Peter Fang Kok Hong, Systems Development Director, interTouch

Challenges

  • Escalating risk levels as a result of a general increase in spam and virus attacks has triggered a need for interTouch to enhance and strengthen the security functions of their iBIS (Integrated Billing and Information System) solution, the interTouch proprietary software utilized to manage internet access. 
  • New security features built into the iBIS 7.0 system need to be thoroughly evaluated for assurance in service quality.
  • Competition and increasing customer expectations have driven the need to differentiate interTouch by offering a system with enhanced security, more functionalities and greater flexibility.

Solution

A visitor-based network solution as reliable as its predecessors, but designed to further enrich user experience and provide an intuitive, easily-configurable and highly-flexible web-based interface. This new system also features an easy-to-customise guest portal interface, network traffic quality assurance and security controls, as well as highly flexible bill plan options.

Benefits

  • Assures customers that the iBIS solution is equipped with security features that are tested and verified by a reputable 3rd party.
  • Assessed security features help to build product credibility.
  • Provides product differentiation leverage for the use of marketing and promotion initiatives. 

For 9 years, interTouch has been the provider of wired and wireless Broadband and Internet access services to international hotel chains such as Hilton Hotels, Hyatt Hotels and Resorts, Four Seasons Hotels and Resorts, InterContinental Hotels Group, Le Meridien, Pan Pacific Hotels and Resorts, Shangri-La Hotels and Resorts, and Sheraton Hotels and Resorts.

While interTouch services enable travelers to stay connected no matter where they are, the company is responsible for the prevention of spam and virus attacks on users logged on to their network.  Essentially, security, reliability and trustworthiness of their services are crucial elements influencing the reputation of the company.

Thus, interTouch took steps to ensure that the latest security features were adopted into their new version of iBIS.  In order to ensure that these features conform to industry standards, interTouch engaged the services of HP to conduct evaluation and verification specifically on the security functions of iBIS 7.0.

Ultimately, interTouch’s decision to work with HP was influenced by a previous assessment in which HP delivered excellent results.  This experience resulted in interTouch turning to HP again for this evaluation.

HP completed the Security Vulnerability Assessment, which consists of 2 modules:

  • Module 1: Black Box Penetration Testing (External)
    An external assessment was performed to mimic the behavior of a malicious hacker attempting to penetrate the system from the Internet. In this instance, a security evaluation method was utilized to stimulate an attack. This also incorporated an active analysis of the system to uncover weaknesses, technical flaws or vulnerabilities.
  • Module 2: Vulnerability Scanning (Internal)
    An internal assessment analyzes possible threats and weaknesses that can be exploited within WAN and LAN environments. This exercise was performed on-site, from within interTouch’s internal network. Specifically, the objective of this exercise was to uncover possible system vulnerabilities, and subsequently recommend mitigation measures as well as to identify areas for improvement.

HP’s comparison study indicated that interTouch had successfully enforced strong measures of security protection.  There were no vulnerabilities found during the external assessment, and the year to year comparison on the number of vulnerabilities has decreased. This represents a positive system improvement, providing users with improved security while surfing the Internet via the interTouch network.

The table below presents some of the main findings of the assessment:

No. Test Areas Findings
1. Denial of Service (DoS) attacks The VBN disables the connection from the source IP when TCP connections exceed 80,000 TCPs/second.
2. Unauthorized access to file and database servers Not possible without valid access credentials as TCP ports are filtered and protected by the firewall.
3. Visibility between users logged on to the network As connectivity between ports (rooms) is prevented, traffic sniffing or virus infections between users on the same network are virtually impossible.
4. Guests attempting to gain free internet access Attempts to alter URLs to bypass access failed, and thus free Internet access cannot occur.

However, HP’s assessment also revealed areas where the system could be improved upon.  The following were proposed recommendations from HP:

  • Display authorization usage banners on Administration pages. A statement communicating a requirement for compliance before accessing system resources need to be displayed on the login page, before granting access into the system.
  • Deploy Intrusion Detection/Prevention systems to detect malicious activities on hosts and network.

Satisfied With Service

Holistically, the entire process encompassing assessment, evaluation and implementation was completed within a period of 3 months. 

“The assessment results have assured us that our product has attained an industry-standard level of security, and therefore is commercially viable.  With this, our customers are assured that their risks in using our system will not be greater than if they were to connect to the Internet from elsewhere,” said Peter Fang.

The availability of local support and HP’s role in providing consultancy to interTouch’s project team, were key factors for the success of this engagement.

Recognizing Results

Through this assessment exercise, interTouch is now equipped with proven credibility on the quality of their application and system.  They have a stronger basis to assure their customers of product quality, as they are now able to provide proof of product testing.

Apart from that, the positive perception gained through the recognition of a secure system provides interTouch with a marketing edge.  Ultimately, this is a vital factor in the company’s quest to continuously gain market share and to increase revenue.

Finally, HP’s recommendations for improvement as a result of this assessment will be incorporated in their continuous product improvement initiatives. Over time, these new functions will serve to be instrumental in enhancing service value to their customers.



Latest News
DOCOMO interTouch to unveil world’s first mobile phone control prototype for hotels
03 November 2008
DOCOMO interTouch expanding China presence with more than 100 hotel customers
09 October 2008
Founder of Nomadix – a DOCOMO interTouch company – receives prestigious National Medal of Science
10 October 2008
Getting technology to support services growth
12 September 2008
More News

Site Tools
Print this Page
Bookmark this Page



© Copyright 2008 DOCOMO interTouch Pte Ltd. All rights reserved.  Sitemap | Legal Disclaimer | Privacy Policy | Email Disclaimer