Set in over 130 acres of beautiful Lancashire countryside, Ribby Hall Village offers luxury, self-catering accommodation for short breaks and holidays all year round, alongside a 5 Star, award-winning Spa Hotel. Rated 5 Stars by Visit Britain, Ribby Hall is situated in the picturesque village of Wrea Green near the bright lights of Blackpool and the Lake District. Ribby Hall’s extensive range of facilities caters for the local area with their sports facility, hosting corporate occasions, conferences, weddings and team-building events. Keeping their data and their guests’ data secure is of paramount importance.
A series of high-profile data breaches in the hospitality sector have hit the headlines in recent years, with the industry being prime real estate for harvesting credit card details and personal information. To address this risk, IT Manager, Steve Lonsdale and Infrastructure & Support Manager, Blake Sale, spearheaded the Identity & Access Management (IAM) Project to tackle these growing cyber security risks facing Ribby Hall.
Cyber Security & Password Risks
The IT team at Ribby Hall recognised that weak passwords and practices by staff were creating a risk. Additionally, the high staff turnover within the hospitality industry increased the risk that ex-employees retained access to key systems. Steve Lonsdale, IT Manager, explained, “The hospitality industry by its nature has a high turnover of staff and training them to be cyber aware was a challenge. Weak passwords were an issue; however, our biggest concern was that employees knew passwords, and this was a risk when they left the organisation. Our systems contain sensitive client information and unauthorised access presented a significant risk.”
IT Administrative Overhead for User Lifecycle Management
High staff turnover created the administrative headache of provisioning and revocation of application access for users. Blake Sale, Infrastructure & Support Manager, explained, “The hospitality industry suits short term staff and as a consequence when these staff join and leave, it creates a significant user lifecycle management overhead. This had a significant impact on my team’s time, with a huge amount of manual effort required to manage access.”
Password Reset Requests
Password fatigue was an issue for end-users, with employees regularly forgetting the passwords they needed to carry out their job. Blake Sale explained, “Our helpdesk would be inundated with password reset requests from users who forgot their logins. Not only did this impact our helpdesk team, but it resulted in downtime and loss of productivity for the users themselves.”
Ribby Hall chose to implement My1Login’s IAM to solve the trio of challenges: password-related cyber risks, password reset requests and the administrative overhead of user lifecycle management. Steve Lonsdale, IT Manager explained, “My1Login’s IAM solution enabled us to solve a range of challenges, from cyber security risk and improving efficiency within the business, to reducing the time our IT team would spend on non-core administrative work.”
Blake led the implementation of My1Login within Ribby Hall and explained, “My1Login was easy to implement, taking less than a day to install and get the first user up and running. It was a significant benefit having My1Login on-site helping us during installation and I’m very happy with the support they provided in ensuring we delivered for the business.”
Blake added, “Our users access a disparate number of systems, ranging from web portals to on-premise Windows desktop applications. My1Login’s solution provided Single Sign-On (SSO) for 100% of the apps in use across our business, a remarkable feat.” My1Login’s Single Sign-On enables users to access all their applications without having to create, manage, enter or even know passwords for these apps.
Blake continued, “Onboarding users took less than an hour. Little training was required for our users and they have reported an improvement in how they now access their apps, finding My1Login extremely helpful. It’s important that the software we deploy within Ribby Hall is a benefit to our end users, as well as delivering security and efficiency benefits across the business.”
Steve Lonsdale, IT Manager explained, “My1Login enabled us to remove a number of password-related cyber risks, strengthening Ribby Hall’s cyber security posture. The passwords that protect our applications are now strong and unique, helping prevent unauthorised access. Additionally, weak password practices by staff have been eliminated and we have a full audit trail of who has accessed what applications and when.”
Blake Sale, Infrastructure & Support Manager, added, “My1Login has provided an extra layer of security meaning we don’t need to furnish end-users with passwords to access their apps. My1Login provides SSO to the apps, without the risk. When a user leaves the business we close their Active Directory account and their access to web and Windows desktop apps is automatically ceased. This has also helped with PCI compliance.”
Blake added, “The user lifecycle management provided by My1Login has significantly reduced the IT overhead on my team. Before My1Login, a huge amount of time was spent on manual provisioning and revoking access for our users. With My1Login deployed, we’re also seeing a dramatic reduction in the number of password reset requests, relieving a burden on my team.”
Blake added, “Feedback from our users has been positive. While My1Login can be implemented in a way that is invisible to users, our users like the My1Login portal view. This presents our users with all their apps in a single view – they can even launch Windows desktop applications from the web portal. Having this single interface for all our applications has been a real benefit in simplifying user access to apps.”
Steve Lonsdale, IT Manager, explains there were four main reasons why Ribby Hall chose My1Login over competitors “the client-side encryption security model, the compatibility with all application types, being based in the UK and the awards My1Login has been recognised with. It was key that when we implemented Single Sign-On that it worked with all applications. My1Login was the only solution on the market that could provide SSO for all of our Windows desktop applications, together with our web app estate.”
Steve added, “What gave us confidence in My1Login was the security model that ensured total separation of the encryption keys and the encryption data. Keeping our clients’ data secure and private is key and My1Login’s client-side encryption means even they cannot access our data. Being a UK company was a definite benefit for us in the working relationship.”
Blake Sale added, “I would recommend My1Login to my peers and I would encourage them to take advantage of the My1Login teams’ expertise during implementation. My1Login is great and having all apps accessible via one interface adds real value for us and has been really well received by users. This is remarkable as users are often quite reticent to adopt new technologies.”
My1Login IAM Products
Infrastructure & Support Manager,