Warner Hotels, originally founded in 1932 as Warner Holiday Camp, is a hospitality company boasting numerous picturesque country and coastal properties dotted all around the UK – including North Wales, Somerset, Herefordshire, Berkshire, North Yorkshire, Nottinghamshire, Isle of Wight, Suffolk, Hampshire and Warwickshire.
For the past four years, the company’s head of cloud and IT security, Madoc Batters, has been dealing with all the cloud and cybersecurity challenges that could be thrown at such a business.
“I came into the office just before COVID for two weeks,” he explains. “Then we were told to all go home. So, right at the start I thought ‘what have they done? I’ve moved to the hospitality industry, right at the start of COVID.”
But the trials and tribulations he’s faced in those years are not too dissimilar to those faced by anyone working in cloud and cybersecurity outside of hospitality.
“There’s not a great deal of difference between that and other verticals really. It’s the same problems, but just surface to a different clientele at the end of the day. You have to make sure that all your services, your apps and your infrastructure, are secure and they can be used without interruption.
“So it’s the resiliency, redundancy and the availability of all your services. It’s the same with every industry. If you can’t use the technology, or your customers can’t use the technology, you’re not going to be able to generate revenue. So everything needs to be up and running 24/7.
“I suppose, when you have a hotel or are working elsewhere in the leisure industry, your customers are right at the forefront. If you’re working at one of the hotels and you have an issue, you’re going to be bombarded with a number of complaints right there. There’s no escaping it.”
Warner Hotels is a staycation company. “We run about 18 properties around the UK, with two new ones in Scotland,” Batters explains. “So we offer short breaks for grown ups – that’s our line. We’ve been doing this for many, many years. We were part of the larger group called the Born group, and that included Haven, Butlins and Warner. Butlins was sold off about a year or so ago, and we’re now with Warner and Haven. I used to work for Haven. I now work for Warner, and we’re setting out to stand on our own two feet. So we’re having a bit of a separation from Haven, just to run it as a separate business.
“I’m head of cloud and IT security for my sins. My earlier career was in networking. So I was a CCIE back in 2003, so many, many years ago. Although it’s no in my job title, I’ve been given networking as well. I look after the networking side – the WAN side.”
The love of change
The main challenge Batters has faced is in affecting change.
“We do a design life cycle about the services, and find out how we can optimise those and make them better for our team and customers,” he says. “But I think the main challenge there is making sure that people come along with change. I think humans are just generally lazy at the end of the day, aren’t they? So I think we need to get them on the journey.
“I love change. It’s one of the things that I sort of pursue. Maybe I’m a bit of an outlier in that area, but it’s all about changing the culture within a company – maybe changing the organisational structure within the company as well.
“A few years ago, we went through a large change of moving from siloed, traditional teams like operations, design, security, to a more stream aligned topology, where we’d have a team that would look after a particular service or application, and it would be the you build it, you own it
“So you’d have security, design and networking all within that little unit to look after that system. Doing it that way enabled us to move to a more rapid-change infrastructure as well. That’s one of the metrics we use for success. How much change can we affect well within the business? And it’s not just the tools and the pipelines you put in place. It’s how those teams are structured and just allows fast flow of deployment and fixing issues quickly.”
One of the more recent changes at the hotel group involved Batters and his team redefining the network infrastructure by embracing a cloud-first strategy with network infrastructure-as a-service from Alkira.
Traditionally, whenever we needed to make a change to either onboard a new service or have new endpoints opening up for our firewall rules, we had to go through a traditional change management ticketing system.
“We’d raise a ticket internally. We then raise it with our external provider that would be reviewed. They would issue the change. That’s been done most of the time. It would be done correctly. But, quite often, we would check the connectivity and it wouldn’t work again.
“We’d have to go through the whole process again to make sure things are done. This could take quite a number of days, possibly into weeks. So we wanted to be able to affect change the same way that we affected change within the cloud.
“The way we’ve done that, as I talked about, we changed the organisational structure to be able to accommodate that. But the tooling we’ve also deployed everything as infrastructure, as code. We’ve employed the whole GitOps methodology. So we have version control, we store our code for infrastructure in GitHub. We have CICD pipelines we use,
so we use GitHub actions to run a pipeline that allows us to plug automation into that pipeline and also allows the engineers to approve the change themselves and not having to go through a legacy change board.
Warner Hotels wanted that same capability within networking as well. Batters met with representatives at Alkira during Amazon Web Summit 24 to discover whether or not the company’s Network Infrastructure-as-a-Service Platform was the right sort of solution that fitted their needs. And it did.
“They really attracted us because they too can use Terraform infrastructure as code,” Batters says. “So we can do that same level of change in the same way that we do changes within our cloud networking. They also use Terraform in the proper native way. A lot of networking companies will say that they use Terraform, but they’ll use Terraform provisioners. So that’s like a local exec or a remote exec provisioner to affect a call or connection into that box. It’s almost like logging into the box and doing the change by uploading a script or typing a command into it. So the next way that you would do it in a hyper scaler is an actual resource block dedicated to configure that resource. And that’s exactly how Alkira surfaced. Their use of Terraform.”
The hotel group is implementing it in multiple stages, according to Batters. “The first stage was to get our multi cloud connectivity together. We run AWS, New Zealand. We wanted that connected. Traditionally, we had that pipe down a direct connect to our on prem and then back up an express route into reserve. So we sort of looped back through our on-prem to have our multi cloud connectivity.
“We wanted that direct cloud to cloud. So we did that in Alkira really quickly, and that was probably done within the month of us getting in touch with each other. We did some parks to make sure that things work, and then we are pushing live traffic over.
“Alkira also gives us the option to have virtual files. So within the Alkira network, you can deploy a number of segments. So we have a third party segment, we have a call segment for our multi cloud, and we’re setting up a new segment for our hotel connectivity.
“Now all the flows between those segments can be firewalled with a virtual firewall. So we’ll also be standing up a virtual firewall in there to have a central security enforcement point, rather than having to push that further out towards the edges. So we’re going to be doing all that again with infrastructure as code within the Alkira network.”
Warner Hotels will also bring all of its hotel connectivity directly in through the Alkira network, so that it will act as a hub for all its central connectivity between clouds, third parties and its hotel sites.
Affecting change quickly
Batters believes it is vital to have systems in place that can affect rapid change. In the hotel business, he notes the need to react to any issues with great speed.
“To be able to do that, you need to be able to affect your change quickly,” he says. “So I think there’s going to be more and more of that in the coming years. There’s a lot of shifting left as well, which I’m a big advocate of. Make sure that your security is pushed into the pipeline when you deploy. You give that empowerment to your developers, so they can see if they’re deploying insecure infrastructure or insecure connectivity over your network and they can make those changes immediately, even before they deploy it, because they’re given an insight of what they’re deploying and a lot of automation at the back end.
“We use a number of tools that, when we do see insecurities, tickets are raised, automatically. This reduces the administrative burden of creating tickets to fix security issues, having those created automatically and having them closed down automatically when the security issues are fixed. It just stops the engineers doing all the admin. Take away the admin. Nobody likes admin.
Batters recommends that other companies ensure that their organisational structure is suited for the type of deployment that allows them to have fast change. And embrace new technology.
“We’ve embraced Alkira. It was exactly what I was looking for, but you’ve got to be bold. You’ve got to embrace new technology. You’ve got to let go of some of the old biases, which a lot of organisations don’t do. A lot of that is around organisational structure and how they affect change and adopting faster ways of deploying infrastructure and networks.”
Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London.
Explore other upcoming enterprise technology events and webinars powered by TechForge here.
from Cloud Computing – Techyrack Hub https://ift.tt/JYLQ8G2
via IFTTT
0 Comments