Another Marriott Breach, Ho Hum


By Robert McGarvey

In other news on March 31, Marriott disclosed what it called a “Property System Incident.”

We interrupt that to report a shoplifting at a dollar store, cutting now to the live police feed of this dramatic story.

You probably missed the Marriott news because it was an otherwise busy day with acres of – grim – Covid-19 reporting and with projected US death totals now reaching into six figures, shortages looming for ventilators, inexplicable mask shortages, and, well, who really had the bandwidth to process yet another report of a hotel data breach?

Not us.

Marriott doubtless hoped you would miss it because the company’s statement is calculatedly blah.  It says just about nothing and that’s tipped off by the word “incident” in the headline. Meaning absolutely nothing.

But the Marriott statement does note the personal info of about 5.2 million Marriott loyalty members apparently was compromised in the “incident.”  It elaborated:

“At this point, the company believes that the following information may have been involved for up to approximately 5.2 million guests, although not all of this information was present for every guest involved:

* contact details (e.g., name, mailing address, email address, and phone number)

* loyalty account information (e.g., account number and points balance, but not passwords)

* additional personal details (e.g., company, gender, and birthday day and month)

* partnerships and affiliations (e.g., linked airline loyalty programs and numbers)

* preferences (e.g., stay/room preferences and language preference).”

Marriott added: “Although Marriott’s investigation is ongoing, the company currently has no reason to believe that the information involved included Marriott Bonvoy account passwords or PINs, payment card information, passport information, national IDs, or driver’s license numbers.”

The real take away from this: the continuing indifference of the hotel sector to protection of guest data. How many breaches have to occur – from Trump hotels to Starwood and Hilton and just about everybody else? How many stories have to be written? Somebody needs to say, this is a problem.  It needs to be fixed.

Actually we’ve been saying all for that for some years now and nothing has changed.

We need a new campaign.  Complaining about hotelier incompetence is not enough.

Real change will start with us. 

We share culpability. We put up with it.  For some time I have suggested that probably the only safe way to stay in a hotel is with a bogus travel credential (a novelty Irish driver’s license for instance) and using a credit card paired to the bogus ID. Then annually burn that identity and create a new one.

Shop for ID online. Here for instance.  Note: I am not suggesting using any such ID to drive a car or any similar activity – many of which might be illegal.  Rather, I am suggesting we take a trick from the oldime restaurant critic’s playbook – from the era where they practiced anonymity – when every big newspaper and magazine handed out credit cards in bogus names to their critics so they could make anonymous reservations. As long as the bills got paid, no harm done.

We’d be a lot safer in hotels if we did something similar today.

A lot of work? Yeah. But so is the persistent credit monitoring we all do because we have been involved in so many data breaches, many involving hotels and restaurants.

In Marriott’s defense this breach was detected quickly by hotel standards – often years go by. In this case, just months.

But worrisome is that two employee accounts were apparently the tools.  And that they were used to perpetrate large amounts of data exfiltration that should have been detected and stopped quickly.  Screens against substantial data exfiltration just are good practice in well run organizations.

Not apparently in Marriott.

So what should you do now?  Paul Bischoff, privacy advocate with Comparitech, said: “The biggest threat Marriott guests might face as a result of this breach is targeted phishing. Guests should be on the lookout for targeted messages from scammers posing as Marriott or a related company. Don’t click on links or attachments in unsolicited emails. Check email addresses and don’t just trust display names. If you’re uncertain as to whether a message is legitimate or not, ask Marriott using contact information found through Google.”

Remember that. If you are among the 5.2 million you will begin getting targeted phishing emails as soon as the data sells on the dark web. And it will go on for years.

That novelty driver’s license is making ever more sense? 

It’s up to us to protect ourselves.  It’s become that obvious.

When Will Business Travel Resume?

by Robert McGarvey

The Global Business Travel Association had to know so it popped the question we have all been pondering: when will we be back in full business travel mode?

The organization conducted a poll and it found – no surprise – that coronavirus had wiped out lots of business travel. One metric makes the impact clear: asked what percentage of trips that had been slated for March were cancelled, the answer was 89%.

41% said all business trips had been canceled. 53% said “essential” travel was still allowed.

Exactly 0 percent said their organization had not canceled or suspended business trips.

We are in a no travel mode and the question becomes, when will something approaching ordinary business travel levels resume?

GBTA asked exactly that question: “When do you expect your business travelers to resume regular travel to the countries or regions that have been canceled or suspended due to the Coronavirus? Do you expect travel to resume within the next. . . “

Understand, 40% said they were unsure.

0% said more than 12 monhs.

1% said 12 months.

The eye popper of a number is that 40% said within three months.

17% said within six months.

That makes 57%, a solid majority, who believe something approaching normalcy in business travel will resume by September.

What do you think?

Color me skeptical.

Here’s a metric on the impact of 9-11: “In August 2001, the month just prior to the attacks, U.S. airlines boarded 56.3 million passengers for domestic service, a number that plummeted to just 30 million in September. And for two anxious days after the attacks, the passenger count was zero. It would take three years for carriers to once again reach the 56 million mark.”

Many factors came into play in the aftermath of 9-11: real fear of flying coupled with an economic downturn but, in many respects, we have the same issues at work now. Some people are afraid to fly because of fear of catching coronavirus and then there is the near economic malaise that the nation is slumping into.

Airlines again are taking it on the chin in the coronavirus age. Best guesses are that they have years of pain in front of them.

Then there is the hotel question. How many will be closed? How many will be enlisted into service as homeless shelters? Perhaps as makeshift hospitals?

Some guesses are that half of all hotels in the US will close for some period due to coronavirus.

It will take some time to re-open as a hotel. Staff needs to be recruited. Trained. The big brands probably will navigate these issues with some skill. Many independents won’t. Many independents – which comprise 40% of the US hotel stock – probably will not reopen soon.

Meantime, other, transformational changes that are reshaping business travel are afoot. For instance: many of us – perforce – are discovering the ease and effectiveness of meetings via Zoom and similar tools.

Do a few Zoom meetings and you may not see the need for oldfashioned face to face. Will Zoom replace the traditional face to face sales call? Probably not. But similar tools will eliminate the need for many face to face meetings.

And the hustle and bustle of traditional events seems ever more dated to me. I do not expect a quick rebound in events business, mainly because so much of how we come together just is oldfashioned and no longer appropriate.

One GBTA question hints at the possibility of broad impacts: Do you think the coronavirus will change the way your company conducts business
once there is no more threat from the disease?

54% said yes. That’s the number to watch. There are many reasons for business travel to undergo a transformation and one factor is the generational shift of the travel burden from Baby Boomers to Millennials and it just is not clear that Millennials want to travel the way Boomers have.

Add it up and I am profoundly skeptical that business travel will rebound in three months. My guess is that we will see an uptick in the fall and probably spring 2021 is when we can begin to think something akin to “normalcy” has returned. That’s about a year from now.

And as for event design, watch for huge changes. It’s overdue. And now it will flourish. Be very skeptical about signing up for distant events – many just won’t be happening.

The era of business travel change is upon us. And that’s a good thing imo.

What do you think?

Stop Complaining About Covid-19!

By Robert McGarvey

It’s become a gripe fest.  People complain that they have to work at home, that the supermarket shelves are stripped of toilet paper, and – above all in the circles in which I move – we complain that business travel is basically on hold and just about every meeting and event has been cancelled.

That might seem fodder for lots of ranting from me in these columns. But, personally, I am struggling to stifle it.

Yes, I am impacted. Yes, trips have been canceled. Events have been canceled. Even a milestone college reunion of mine has been postponed.

Yes, the ineptitude inside the White House has made a fraught situation wretched – and it is hard to explain why there are nowhere near enough test kits, why the White House communications are packed with lies, and why six to eight weeks were lost due to incompetence at the top.

But here’s the deal: complaining would do no good.

And the cancellations and isolation that are our norms today are apparently doing some good.

The Skift headline frames the issue: No, It’s Not Fine to Keep Hosting Live Events. 

People have gotten sick with the coronavirus due to meeting attendance.  Proceeding with a meeting or event is foolhardy. That’s why so many have been canceled

Ditto business trips.

Sure, I get it, if the White House had not been inept we probably would have made much greater progress in taming this disease. But it wasn’t and so we use primitive but probably effective techniques such as social distancing and self quarantines and the impacts on life as we knew it have been profound.

But many have it a lot worse than we do.  I groan when I think of my canceled college reunion – I am Reunion Chair! – but then I think of the millions of college kids across the country who have in effect been evicted and told they are doing tele courses, like it or not.  Yes, I can see big lectures working fine as tele courses but many of my classes were small philosophy seminars with maybe a dozen students and lots of discussion and argument. How does that work now? And what about the social learning that makes college such a useful and perhaps distinctly American institution?

Then there are the impacts on the neediest. Andre House in Phoenix, which nightly feeds 500 or so homeless, has put its sitdown dinner on hold. Sacks of food will be distributed instead – but wouldn’t you much prefer a sit in a convivial atmosphere where volunteers treat you like you matter (and I have volunteered a number of times).  The homeless won’t starve. But they will be deprived those human moments that for many made dinner at Andre House special.

Now think of the many whose employment has been cancelled, or at least hours and income have been sharply reduced. Tens of thousands of restaurants are closed, or trying to make it on delivery only, and literally millions of employees and thousands of owners are scrambling to make it another week.

Think of the tens of thousands of flight attendants whose hours have been sharply reduced.

Or the hotel housekeeping staff who don’t have rooms to clean because there are no guests. Innumerable hotel workers face unpaid furloughs.

In China, it is difficult to see any recovery of the hotel business this year and maybe not next year.

Italy has major recovery struggles ahead.

Big questions loom. Will business travel ever return to its previous levels? Will events and meetings? Will flygskam rule?  Maybe our old habits will never resume.  

Etc. etc. and before we even get to the recovery phase we have to get out of the sickness and death phases and we have to be ready to mourn perhaps millions.

Easy it is to complain – and trust me I was annoyed when I saw shoppers last Saturday had stripped a central Phoenix Whole Foods bare of frozen pizza, dry pasta, and of course toilet paper, dish soap, and hand soaps.

But who to complain to?  

So many of us, in a panic mode, have slipped into a comfort zone where hoarding produces a kind of comfort and cursing out people who cancel our events seems normal.  It may not be rational but it is how we seem to think.

Do I want to look in a mirror and shout at myself?

No, that’s why I keep telling myself to stay cool.  It’s not easy. Not these days. But what better strategy do we have?

Would You Cruise Today? The Coronavirus Files

by Robert McGarvey

You know the hideous story of the Diamond Princess and the equally grim tale of the Westerdam, a Flying Dutchman vessel that sailed from Asian port to port trying to find a place that would let its passengers disembark. This is the worst of times for the cruise industry, with many experts saying booking are down 15% and more – and nobody is saying how many passengers have tried to cancel their reservations.

And then there is this Pollyanna moment from WHO, the World Health Organization, which wants you to know that cruising is safe. Mike Ryan, executive director of WHO’s Health Emergencies Program said in a press briefing: “People who say we should steer clear of cruise ships or steer clear of airports or steer clear of certain ethnic groups and steer clear of other things, we have to be really careful here. We need an approach to managing risk that allows us to continue to operate as a society while minimizing the risks.”

He added: “These are manageable risks and again we need to reflect on the fact that the vast majority of these cases are within China.”

I am sure the Diamond Princess passengers are relieved to hear Ryan’s assurances. Not.

Thousands of them spent two weeks in their cabins, by order of the Japanese government. The US government then flew home hundreds of them – but on arrival on US soil they are required to spend two weeks in a government mandated quarantine.

How would you like to spend a month of your life that way?

The Diamond Princess had 500+ cases of coronavirus.

I have written about cruising for maybe 20 years. I have been on many cruises. Generally I am a big fan of cruises – for some destinations a cruise is the ultimate travel modality. The Greek isles, for instance. Ditto Alaska.

Generally, too, I believe cruising on today’s modern ships is quite safe.

But I have also studied exactly how fast – and how virulently – norovirus has spread on cruise ships and this has happened often in the past 20 years. Globally, there are an estimated 685 million cases of the disease annually, with around 200,000 deaths.

Cruise ships have been particular targets. A ship is a contained environment, many thousands of people are in close quarters, and the disease spreads. As recently as this month a ship was denied docking in Gibraltar and forced to return to England where it had sailed from, after some 89 cases were diagnosed.

Here’s the deal however. Cruise ships have become adept at implementing sanitary protocols to limit the spread of norovirus. Sure, there still are epidemics on ships – but cruise lines are a lot more successful in containing the disease than they were a quarter century ago.

You can’t say similar about coronavirus. In a month, maybe, and I for one definitely hope so. But not today when our ignorance abounds.

Nobody knows how to fight coronavirus, least of all on board a cruise ship and its contained environment.

Does that mean just don’t cruise?

Here’s a more precise question: Would I do a Greek cruise today? A Pacific cruise from Singapore to Hong Kong? A Norwegian fjord cruise?

Consider that an IQ test type odd man out test question because I would in fact do two of the three, but decline the third.

Am I afraid of coronavirus? Strangely perhaps, not so much. Early indications are that this coronavirus – specifically COVID-19 – is highly infectious. But its mortality rate appears to be much smaller than, say, SARS or MERS.

What scares the heck out of me are what I do not know about the disease – and neither do the researchers. We are still hunting for best treatment modalities, cures, vaccines, and so on.

What also scares me is the Diamond Princess story. Who wants a four-week quarantine to cap off a cruise?

My advice in regard to cruising is this: avoid Asia cruises. I would not take one. Six months from now, maybe, in fact I would love to – once the coronavirus episode is resolved.

What about other destinations? It’s up to you, not me, not a WHO expert, not your travel agent. Know the risks – and thus far I know of no coronovirus cases on cruise ships in Europe, say. And make your best decision.

In times of rampant norovirus outbreaks on cruise ships I knew dozens of people who refused to cruise because of it. That was their call and they were entitled to it.

The exact same is true today. I can tell you what I will or won’t do. I will not tell you what to do.

Neither should a WHO boffin.

Cybersecurity in 2020, Roadwarrior Edition


By Robert McGarvey

Now is the time to take stock of our defenses and I’m not talking about pickpockets and hotel safe thieves. What I mean is guarding against cybercriminals who, unfortunately, prey on business travelers particularly – everywhere from coffee shops to airports to hotels, even whole foreign countries.

A few steps will keep your data safe on the road and it is vastly more valuable than the devices themselves. At least in my case where I usually travel with a five yearold Chromebook, somtimes an iPad Air 2 , neither having much value. The Pixel 3 XL phone has a little value but not much. A suggestion: always travel with disposable tech gear that you won’t miss.

It’s the data that I am concerned about because a criminal could feast on my financial accounts and maybe find a way to monetize data gleaned from emails and documents, many thousands of both on my devices.

Here are my steps towards safe travels.

Countries That Spy on You

Whole countries? You bet.  Visit China and you will hear that the “Great Firewall” means you cannot access Gmail and lots of other websites. You will also hear that, psst, use a VPN – only certain vendors pass muster and the list is a changing target – and you will be able to surf to Gmail, Facebook, you name it.

But you have to wonder: is the Chinese government monitoring that VPN traffic and do they have keys that decode it?

Know too that high level security consultants – with clients inside the Beltway and on the highest floors of Fortune 100 office towers – urge their clients to bring a clean computer and a clean phone, no business data on either, and to never access sensitive information while in China because your devices will be copied on your travels.

Not might be. Will be.

Maybe not the gear of Bob Schub, average citizen, but if there is a reason to think you might have interesting info on your computer or phone know it will be copied.

Do not bring your every day business computers or phones to China. Don’t.

China is not alone. Here’s a map of the world with nations that heavily monitor Internet traffic highlighted. There are places you might not go – Saudi Arabia – and there are places you might go that monitor at least some traffic (Russia, Turkey).  Know before you go and, when in doubt, use clean devices when traveling overseas.

Password Protect Your Phone

At least once a month a friend or neighbor asks me, what do I do, I was traveling and I lost my phone?

Sometimes they say it was stolen.

It doesn’t matter.  You probably will never see it again.

Know this happens, take steps now to protect yourself.

Set up Find My Device (Android) or Find My iPhone in Settings.  Now. When you lose a device it may help you find it and – crucially – it may let you wipe the device which means erasing all personal data.

Also, lock the phone, with a PIN or biometric, in Security (Android) or TouchID and Passcode (Apple).  That simple step will keep most criminals away from your data and, in most cases, they only want the phone hardware anyway.

The data is more valuable than the hardware but most criminals are grab and run small change crooks and that’s the good news.

Just take the two simple steps above and, yes, you can cry about losing a $1000 piece of hardware but at least your data and bank accounts will stay safe and that is what matters.

Never Use a Public Phone Recharging Station

You see them in airports, also at meeting venues. Don’t use them.  They are a fast track to getting hacked. It’s tempting. Your phone is beeping for juice.  Just let it die. Or always carry a plug when on the road, as I do. Often there are two in my bag.  They do get forgotten in hotels, a spare is a good idea.

Don’t Use Public WiFi

Never, don’t.  That means no public WiFi at airports, coffee shops, and definitely not hotels.

You say you are protected because you use a VPN.  Good luck with that (read about China above). Know that there are known vulnerabilities in consumer facing VPNs and there also are vulnerabilities with enterprise grade VPNs.

Personally I sometimes use Google’s VPN on a Google Fi phone when accessing the Internet but generally I am reading the news or checking a website and if that traffic is hijacked, so be it.

My preference is to create a cellphone hotspot and access the Internet via cellular data networks. A few clicks in setting and you are in business.

You really think public WiFi is faster and of course it usually is cheaper? There is one safe way to use public WiFi – read the next step.

Use a Secure Cloud Based Browser

When on the road and accessing sensitive data via public WiFi, I use Silo, a remote browser that processes all data remotely, in the cloud. (Here’s a paper on the technicalities.) It then transmits an encrypted display of the data to you so you “see” the web page but any computing functions have occurred in the cloud, at a remove from your computer.

There are other remote browsers.

Whichever you use, know that when you look at a page with toxic code, no prob, the bad stuff happens in the cloud. Not on your computer.

And eavesdroppers – who often listen in on public WiFi sessions – will only see an encrypted data steam that won’t mean a thing to them.

That’s five steps. Take them and there’s no guarantee of data security on the road. But you can know you are taking steps to secure your phone, your computer, your Internet traffic. And that puts you in a safer place than 99% of travelers

CU2.0 Podcast Episode 69 Casey Boggs on Reputation Management, Hackers and You

What are people saying about your credit union?

That means members, staff, and community members?

And how does a nasty hack impact your reputation?

Meet Casy Boggs of ReputationUS, where the business is in fact reputation management and a primary emphasis is work with credit unions.

You think you have a great reputation? Don’t guess. Know. Get a reputation audit done and be prepared to be surprised by the results.

Particularly interesting is how a hack impacts a credit union’s reputation, a topic Boggs has studied in depth.

Among his findings: 48% of us are very unlikely to remain a member if their data has been hacked and then used to set up a bogus credit card account.

Good news, per the survey, is the vast majority of us hold credit unions in high reputational esteem.

But don’t take it for granted.

Boggs says in this podcast that too many institutions are unprepared to deal with events that involve a reputational hit – they lack a plan and a plan can smooth the path to recovery.

Bad stuff happens. Are you prepared?

Find out what’s involved in this podcast. Listen here.

Like what you are hearing? Find out how you can help sponsor this podcast here. Very affordable sponsorship packages are available.

Find out more about CU2.0 and the digital transformation of credit unions here. It’s a journey every credit union needs to take. Pronto

Why Hospitality Companies Are Cybersecurity Laggards

by Robert McGarvey

For some years I have reported on cybersecurity fails on the part of airlines, hotels, and miscellaneous other travel players. In the background always a question haunted me: why are so many travel companies so bad at cybersecurity? Sure, hackers hack just about everything but travel companies seem favorite targets, in part because they are indeed sources of valuable data of affluent people but also because, somehow, they just seem less capable at protecting their digital valuables (our digital valuables).

And now there’s a suggestion from Bitglass, a cloud app security broker, that just maybe hospitality companies are in fact utterly deficient in cybersecurity. In its report An Analysis of Cybersecurity in the Fortune 500, Bitglass said it “conducted research on the 2019 Fortune 500 in order to identify whether the world’s leading companies are prioritizing information security and customer privacy. Their websites were scoured for keywords, phrases, and executive security personnel in order to learn about the steps that they are taking to protect personally identifiable information (PII) and customer privacy.”

Bitglass added: “The results demonstrate that many organizations lack an authentic, lasting commitment to enhancing cybersecurity.”

It gets worse. Bitglass found that 77% of Fortune 500 companies “make no indication on their websites of who is responsible for their security strategy.”

Guess what sector is most derelict. Hospitality. 0% – none – have a named executive in charge of cybersercurity on their websites. And that’s despite the industry’s many breaches. Eight hospitality companies are in the Fortune 500, all failed.

Manufacturing is next worse. Only 8% name a cybersecurity exec on their websites. Telecom comes in third worst with 9%.

Hair splitting time. In this context “hospitality” refers mainly to hotel companies and some restaurant groups. Not airlines which are grouped under “transportation.”

Hospitality also comes in at the bottom regarding the percentage of companies with website info “about how they are protecting the data
of customers and partners.” Just 25% of hospitality companies offer this info, tied at the bottom with oil and gas companies and construction companies.

That double fail wins hospitality a starring role in Bitglass’ list of least security conscious industries.

Transportation, by the way, does much better. 57% list an executive in charge of cybersecurity and 36% have a statement. This is not to say breathe easily at airline sites (loyalty programs have had their hacker problems). But they do do better than their hotelier brethren.

Here’s the question that matters: What are we to do to stay safe? The start is accepting it is our job. Hospitality companies don’t have our backs. If we are to be safe it is because of what we do (or don’t do).

Rule one: Assume that any hospitality site you use will be hacked. Take that seriously. It means that any data you leave at the site may end up in criminals’ hands. Personally I am just as suspicious of airline sites. I follow the same precautions at both kinds.

Never use passwords that are used at important accounts – a credit union or bank, for instance – at a hospitality site. Hackers use computers to automate testing of stolen passwords at leading banks precisely because they know many of us are lazy and dumb and use a password at multiple locations. Just don’t.

Personally I use Google generated passwords at most hospitality and airline sites, mainly because I generally log in on a mobile phone with a fingerprint and a long, complex password is fine. Either way, though, remember that a hospitality site probably will be hacked.

Do keep tabs on anything of value that you have at hospitality websites. Loyalty programs have for some years been hacker targets. Your points may already have been stolen. A corrective is to regularly monitor balances. How often is enough? It depends upon how valuable a stash is. I think I have some Delta miles but couldn’t tell you when I last looked because I know there aren’t many.

But with the sites where I have large deposits of loyalty points I log in at least monthly. I can’t say I have personally seen miles stolen but I nonetheless do check regularly.

While you are at this, stop using hotel WiFi – it’s dangerous.

Personally, just this week I ignored my advice because my cellphone hotspot was anemic and I had free hotel WiFi via Hilton Honors and I was traveling with an old Chromebook that had no personal data on it. I also didn’t access any sensitive sites (banking for instance).

But whenever possible, use something safer than hotel WiFi.

Can you travel and not get hacked? Maybe. Sure in fact. I don’t believe I ever have been. But my inflexible advice is to always assume you will be hacked. That’s how to stay safer on the road.

Who’s Dumber – Us or Hoteliers?

by Robert McGarvey

Hoteliers know they have a problem in their little used lobby spaces and their similarly unused business centers but now they believe they have a solution and it involves a bet that we are dumber than they are. Here’s the Travel Weekly story. The subhead lays it out: “Hotel companies, recognizing that their public areas are often used as coworking venues anyway, have followed the example of WeWork and its temporary office spaces by renting out portions of their facilities as communal workplaces. But will guests pay to use space that has been free until now?”

It’s that last sentence that boils my blood.

Understand, I do not dispute that hotels might – perhaps even should – seek to impose charges on non guests that use their public spaces as offices. It is one thing to stop into a hotel lobby and have a coffee or a cocktail and do a little business. It’s another thing to park in the space for six hours and do a full day of work. A hotelier has every right to seek to monetize that occupancy. But charging guests?

I applaud the hotelier quest to monetize otherwise under-used spaces – but not at the expense of paying room guests.

Fine by me, too, if hoteliers want to open their fitness centers to the public. Most aren’t much used anyway and if the public can be lured in, why not?

But charging guests for what has been free is where a line needs to be drawn.

Personally I prefer working in my room, I also do not much use hotel wifi and instead create a hotspot on my phone – it’s much more secure internet access. So I’m not exactly the target market for this use of public spaces.

Indeed, I have never parked myself for a workday in a Starbucks – although I know many who do and who enjoy it.

At least one hotel group seems to be doing this right: Crowne Plaza. The chain’s Plaza Workspace program offers – free – access to spiffy work pods. But for those who need more privacy there’s The Studio which is available for booking by the hour (and there’s a dandy online tool for that). Cost where I looked was $50/hour – but, remember, there’s no need to incur those costs unless you need that privacy. The free workspaces look quite inviting and comfy.

Why do some hoteliers believe they can gouge guests for use of what amounts to public meeting spaces? Don’t ask me, ask them. All I can guess is that they think we are dumb enough that we will pay for spaces that had been free (and largely underutilized in recent years – despite the outlier and outsized successes such as enjoyed by Ace Hotels). And to pay when there almost certainly is a Starbucks, or other coffee shop, a block away from the hotel and with free work space in the bargain.

Travel Weekly did quote one skeptic about our willingness to pay, Filipa Pajevic, a grad student at McGill’s School of Urban Planning: “Coworking has already been happening at hotels, in the sense that they’ve already been providing people a place to work while they’re away from their official workplace or home. So for hotels to say, ‘Look, we’re also going to offer coworking spaces,’ I don’t know if that’s going to necessarily go well. You’re asking me to now pay extra for something that I’ve already been doing in your hotel for free.”

And that just may apply to non guests as well. Why indeed would a person who has been using a nearby hotel for business meetings in the lobby – something done for many years by Manhattan dwellers, also San Franciscans – now suddenly dip into his/her pocket for lobby access? I don’t begrudge hoteliers their desire to nick those non guests for $20 or $50 – it’s just that I don’t see people doing this when there are those other nearby, free work spaces (Starbucks).

The bottomline here, however, is that when you are a guest don’t even think about paying to use hitherto free public spaces. Just say no. And walk outside and into a coffee shop (and, yeah, the java probably is better than the hotels’ too).

Business Travel’s Wellness Hoax

by Robert McGarvey

The Skift headline got me smiling: “Wellness for Business Travel Is An Uphill Slog.” You betcha.

From my perspective of perhaps 45 years of business travel, I’d say the industry can measure its wellness progress in centimeters. No more. We drink less booze – certainly I do – and eat fewer steaks and for that we can congratulate ourselves (and maybe mourn the passing of the “good times”). But as for a real wellness commitment, who is kidding whom?

Hoteliers and event planners talk a good wellness game. Just about every chain now has a “major” wellness initiative. But talk is still cheap. It’s the doing that matters.

Or the non doing in this case. Both on the part of the hoteliers and – truth be acknowledged – us.

I am just back from three nights in Las Vegas – a conference hosted by a financial technology company – and I returned a pound or two lighter than when I left home. But I skipped dinner every night, I also skipped the event cocktail hours, and every day I logged about 10,000 steps, just walking around a huge Strip resort.

But was my trip healthy? A role model for wellness?

Don’t be silly. I swilled maybe six large cups of coffee daily – at least double my norm – to keep me fueled up for long meeting days; I ate more scrambled eggs, bacon and sausage in three mornings than I had in the three prior months; and I also ate close to zero fresh and raw vegetables and fruit.

The breakfast buffet stands as an exemplar of progress not made. Sure, there was a platter of beautiful melon slices, an artistic palette of green, orange, yellow. It remained largely intact throughout service. I am not pointing fingers. I too admired its looks but otherwise ignored it. I dove into the scrambled eggs, the crispy bacon, the sausage links and, shudder, also grabbed a croissant one morning. The bread wasn’t good so I skipped it the other mornings.

Don’t tell my cardiologist about that morning feast. He would double my statin dosage.

Lunch – another buffet line. Fresh salads to start, also largely ignored. Visually appealing but shunned. Onto the chicken, the steak, and – of course – a small heap of cooked veg, just for appearances sake, no need to actually eat them.

The good news about lunch: desserts were at a separate table which I never visited and, by all means, give me applause for my discipline.

Or, more to the facts of this matter, question what happened to my culinary sanity as you review my daily intake of cholesterol, fats, and stuff that we know isn’t good for us.

Note: this was at a lovely, upscale Strip hotel. No faulting execution. It’s the underlying concepts that I question. The concepts are ours, by the way. Hoteliers are giving us what we want.

Here’s the reality: we all are talking a dandy game of enhanced wellness on the road but it is a mirage. Very little has changed in a half century. Perhaps a few more of us use the hotel or resort gym (although I am skeptical about that as are Cornell researchers). But we are a heckuva lot more obese than we were a half century ago. Maybe 10% of men were obese in 1960. Now it’s nearing 40%. Around 15% of women were obese in 1960. Now it is over 40%.

If it had been available, would I have eaten a bowl of oatmeal with almond milk and a handful of berries for breakfast? A feast at home. But on the road?

For lunch would I have eaten a veggie burger on a whole grain bun with an arugula, tomato salad on the side? Well, yes, actually. That’s become a personal favorite meal.

But count me as a no on the oatmeal. What about you?

We – most of us – are wellness laggards.

“The business travel industry is taking baby steps to incorporate more wellness, but there is a ton of room left for growth,” Sahara Rose De Vore, founder of the Travel Coach Network,told SKIFT. Indeed.

It’s not their fault, however. It’s ours. They are giving us what we want.

Plastics Bans Coming to an Airport Near You

by Robert McGarvey

SFO fired the first shot – on 8-19 it forbade airport shops, restaurants, vending machines, et. al. from selling plastic water bottles. We are instructed to bring our own refillable bottles and to grab our water at some 100 hydration stations.

Watch for this to spread to airports across the country and globally. Single-use plastics are cluttering our planet. Can we recycle our way out of this? Hah. “As investor Rob Kaplan of Circulate Capital recently told National Geographic, ‘There’s no silver bullet to stop plastic pollution. We’re not going to be able to recycle our way out of the problem, and we’re not going to be able to reduce our way out of the problem.’”

Much recycling is ineffective. Maybe even a scam. Just don’t use single-use plastics. That’s the exit and water bottles are a good place to start.

There’s a loophole in the SFO bans, by the way. Water can be sold in plastic bottles bigger than one liter, reports SFGate. My reaction to that is big deal. (1) What traveler buys a half gallon water jug? Not me. (2) It’s as easy to ban big bottles as it was smaller ones so if there’s a flagrant parade of giant jugs watch for a broader ban.

The bigger loophole is that the ban does not apply to juices, sodas, etc. It should.

Globally we use more than one million plastic bottles a minute. No one wants that much trash. Recycling efforts are noble but Sisyphean. Mountains of trash accumulate daily.

Repeat: no one wants this much garbage.

We can do our part. Personally as I walk around Phoenix where I live, I usually have a metal water bottle, stamped with the name of one resort or another, I couldn’t tell you which, or maybe it was a handout at a business meeting where, in recent years, there are ever more giveaways of logo metal water bottles. Point is: they are free.

It’s no big deal to carry a small metal water bottle in a carryon bag. For years I’ve carried a small travel umbrella (go to New York or Belfast enough and you’ll never fly without an umbrella). A water bottle is a little smaller and lighter.

Some pundits report that business travelers are grumbling about the SFO ban. Reported WAPO: “Although public reaction has mostly been positive, the news has resulted in some disgruntled business travelers who bristle at the inconvenience of having one more item to pack.”

I don’t get. What’s the inconvenience of toting a lightweight refillable bottle when measured against a planet that is choking with waste plastics?

Water bottles are just the first shot.

Color me also opposed to plastic straws which I never use. If you like straws buy a metal straw. They are cheap and small. California has a plastic straw ban (customers have to ask for a straw to get one); more states will follow. Plastic straws simply are bad. Something like 7.5% of the waste plastic in the environment is from straws and stirrers. Stop it.

I’m on record in my attempt to support the flygskam movement – but I am equally on record noting that it just isn’t easy to cut back on flying because our transportation alternatives suck.

It is easy to cut back – eliminate – a lot of plastic. I remember as a kid liking the feel of glass Coke bottles. Paper straws were fine too in that era (although I think reusable metal straws are a much smarter solution in 2019).

While we’re at this, ban single-use plastic bags too – as many nations already do. So does California. It’s easy enough to carry a small string sack, or cloth bag.

We can make a difference when it comes to plastics. I hear the pain when the talk is about flygskam. Single use plastics are different. They are easy to eliminate – we won’t miss them – and the planet will thank us.

You want some plastic in your life? Have at this.