Hotels Address Compliance and Identity Management Business Challenges with Novell-led Bandit Project

Once unreachable systems requiring time and cost-intensive manual administration now part of automated identity management solution based on open source reference code developed by Bandit project

27 February 2008

The Novell-led Bandit™ project today announced a solution to help address one of the major business challenges faced by hotel and hospitality enterprises – how to cost effectively connect disparate systems to streamline administration and comply with regulatory requirements. Using open source, the Bandit project has written a reference implementation based on Hotel Technology Next Generation (HTNG) standards that will bridge various systems and platforms in an enterprise, including legacy systems, with commercially available identity management software. According to a white paper conducted by analyst firm IDC and sponsored by Novell®, ("Demonstrating Return on Investment with Enterprise-Class Security Technology," Doc #209258, November 2007) the total benefits of implementing identity and security management software in an organization averages more than $5.6 million annually.

The reference code created by the Bandit project builds on existing HTNG standards, and implements additions proposed by the HTNG Identity Compliance Services team. The proposed standard is being developed for adoption into an HTNG standards release this year. The first implementation of the proposed HTNG standard is being initiated by Delaware North Companies, a global hospitality and food service provider.

"HTNG approached several vendors to address the problem of how our members could centrally connect and administer their heterogeneous systems," said Douglas C. Rice, executive vice president and chief executive officer of HTNG, a global trade association that facilitates the development of next-generation, open standard technologies for the hotel and hospitality community, including most of the world's leading hotel companies. "An open source reference implementation, such as the Bandit project's, is particularly attractive as it will enable our members to extend their identity management implementations. This could result in major cost savings for our member hotels through automated administration and auditing of once disparate systems."

Most hotels have as many as 100 systems, such as phone, heating and point-of-sale systems, spread across many locations with individual administrative accounts, making it difficult to effectively audit and monitor the entire operating environment. By using the Bandit project's reference code to connect all these different systems to readily available identity management software, enterprises can maintain compliance with industry regulations, lower administrative costs and significantly reduce the time required to provision, administer and pass audits.

"As a global leader in hospitality and food service, Delaware North Companies has operations in hotel, retail, food service, recreation and transportation," said Yvette Vincent, director of Applications at Delaware North Companies. "With the Bandit Project's connectors and the proposed HTNG standard we will be able to utilize Novell Identity Manager to automate, monitor and control access to our systems from one central location, as well as streamline the process of auditing our IT infrastructure, making it easier to prove compliance with the Payment Card Industry Data Security Standard (PCI-DSS) and other regulatory requirements. This technology gives companies the ability to greatly improve the quality of user access management, with a greater degree of efficiency as well."

The Bandit project is focused on developing a consistent approach to enterprise identity management challenges, including secure access and compliance reporting. Bandit developers wrote source code for "connectors" based on standards currently under development within HTNG, which allows hotels and hospitality enterprises to integrate their various systems with an identity management solution. Because Bandit's connectors were written in open source code, hospitality organizations and other industries can adopt the standards for their enterprise needs.

The Bandit connectors source code is available now at Delaware North Companies will be presenting a case study of their proof-of-concept implementation at the HTNG Fourth Annual Members' Meeting and Conference, Feb. 25 to 27, at the Westin Seattle Hotel.

About Bandit

Bandit is an open source project, sponsored by Novell, that is developing open source identity services to provide organizations with a consistent approach to enterprise identity management challenges such as secure, role-based access and regulatory compliance reporting. As an open source project, it is also a community of developers – part of a larger identity and security community – that organizes and standardizes identity-related technologies in an open way, promoting interoperability, collaboration and further innovation. For more information, please visit


About Novell

Novell, Inc. (Nasdaq: NOVL) delivers infrastructure software for the Open Enterprise. Novell is a leader in desktop to data center operating systems based on Linux and the software required to secure and manage mixed IT environments. Novell helps customers around the world minimize cost, complexity and risk, allowing them to focus on innovation and growth. For more information, visit

Novell is a registered trademark and Bandit is a trademark of Novell, Inc. in the United States and other countries. *Linux is a registered trademark of Linus Torvalds. All other third-party trademarks are the property of their respective owners.

Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.