Why June’s National ICT Month Is the Right Time to Implement VLANs, Firewalls, and Network Segmentation.
Written by Sher Louie Sioteco, Chief Technology Officer of Servo IT Solutions, who brings decades of experience in software development, systems architecture, and hospitality technology innovation. He is passionate about helping hotels embrace secure, future-ready digital solutions that enhance operations while safeguarding critical business and guest data.
Every June, the Philippines celebrates National Information and Communications Technology (ICT) Month, a reminder that technology plays a central role in business operations and customer service. This is especially true for hotels in major tourism destinations such as Boracay, Cebu, and Palawan, where digital systems support reservations, check-ins, payments, and guest connectivity. While these technologies improve convenience and efficiency, they also introduce cybersecurity risks that must be actively managed.
The Digital Reality for Hotels
Modern Philippine hotels operate multiple interconnected systems:
- Guest Wi-Fi Network
- Property Management Systems (PMS) for reservations and check-ins
- Point-of-Sale (POS) Terminals
- Administrative and accounting networks
These systems process personal and financial data, making them potential targets for cyber threats. Because hotel systems routinely process large volumes of guest information, a security incident can have significant operational, financial, and reputational consequences.
Legal Context
Under the Philippine Data Privacy Act of 2012 (Republic Act No. 10173), hotels that process personal information must implement reasonable and appropriate organizational, physical, and technical security measures to protect personal data from unauthorized access, disclosure, alteration, or loss.
This includes data such as:
- Names, contact information, and travel history
- Passport or ID numbers
- Payment card and billing details
- Special requests implying personal or sensitive information
Failure to adequately protect personal information may expose an organization to regulatory action, civil liability, criminal penalties under applicable laws, and reputational damage.
Three Core Security Measures Hotels Should Strongly Consider Implementing
1. Network Segmentation
Network segmentation divides a hotel’s network into separate zones, ensuring that a breach in one system cannot spread to others. Common segments include:
- Guest Wi-Fi
- PMS and front desk operations
- Administrative networks
Segmentation reduces risk and simplifies monitoring.
2. VLAN Implementation
Virtual LANs (VLANs) are technical mechanisms for segmentation.
Critical systems such as guest Wi-Fi, PMS, POS terminals, and administrative networks can be assigned to separate VLANs. VLANs logically separate network traffic into distinct broadcast domains. Access between VLANs should be controlled through routing and firewall policies. Proper VLAN design ensures guest devices cannot access operational systems, while simplifying network management.
3. Firewalls
Firewalls enforce rules about network traffic flow between segments and between the hotel network and the internet:
- Restrict unauthorized access between guest and operational networks
- Log and monitor network activity for troubleshooting, auditing, and security investigations
- Block known malicious connections
Even simple firewall rules combined with segmentation and VLANs form a strong security foundation.
Balancing Security and Guest Convenience
In hospitality, cybersecurity cannot be considered in isolation — guest experience is paramount. Hotels must protect critical systems and guest data while ensuring that everyday services, particularly internet access, remain fast, seamless, and user-friendly. The tension between security and convenience is one of the most important considerations in designing hotel networks.
Understanding the Trade-Off
Too tight security: Complex login procedures, frequent password changes, or restricted access can frustrate guests. Overly restrictive firewalls could block legitimate applications such as VPNs or streaming.
Too loose security: Open or minimally protected networks increase the risk of unauthorized access, malware, or ransomware, and put both guest and hotel systems at risk.
The goal is controlled openness: the network is secure, but guest experience remains intuitive, fast, and reliable.
Practical Strategies for Balanced Security
Hotels can achieve this balance through layered controls and thoughtful design:
- Separate Networks
- Guest Wi-Fi should be isolated from operational systems via VLANs
- Guests can connect freely without risking PMS or financial systems
- Simplified Authentication
- Use session-based credentials or one-time login codes rather than complex passwords.
- Avoid requiring guests to complete lengthy forms or install additional software.
- Controlled Bandwidth and Device Limits
- Limit the number of devices per guest session.
- Implement fair bandwidth allocation to prevent a single user from degrading service for others.
- Client Isolation
- Each device in the guest network is isolated, preventing guests from accessing each other’s devices.
The goal is simple: protect hotel operations and guest data without making technology difficult for guests to use. Guests remain happy, operations remain safe, and the hotel demonstrates digital professionalism.
As an additional layer of defense, hotels may deploy Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS), either integrated into firewalls or deployed as dedicated security appliances. These tools can help identify suspicious activity and, in some cases, automatically block malicious traffic before it affects critical systems.
These measures strengthen security but should always be designed to minimize friction for guests.
Conclusion
National ICT Month reminds hotels that digital infrastructure is critical to business and national trust. As a foundational cybersecurity baseline, hotels should strongly consider implementing:
- Network segmentation through VLANs
- Firewall protection
These measures help protect guest data, support compliance efforts under Philippine privacy regulations, and improve operational resilience. Balancing these safeguards with a positive guest experience ensures both security and satisfaction — a core goal for modern hotels in a high-tourism economy.
With thoughtful design, hotels can achieve secure, efficient, and guest-friendly networks, contributing to business success and the broader national ICT agenda.
