Tuesday, March 5, 2013

Why travel agents are still relevant

Recently, a coworker asked for my help in finding business class deals for the flight to repatriate his family to Canada. He really wanted this to be a nice trip home. We have both been frequent business flyers and knew where to begin the search. But it still took quite a bit of effort and time deciphering all the nuances of various booking systems, and there was a big dose of luck involved as well. This reminded me of the travel agent I almost took for granted...

While living in Montreal, I travelled internationally on business quite frequently. This included many trips to far-flung places in Asia and Europe. In the Internet age, booking your own trip online has been the norm. But for more complex itineraries involving multiple stops, I called on the help of Enzo at Westmount Travel, just down the street from my home. Westmount Travel is an independent agent and I always received Enzo's personal attention. It was unusual for me to pay full-fare for business class bookings because Enzo, more often than not, was able to find the best discounted business class fares that were not readily available online. This helped to put me in the CFO's good book. But Enzo's real value came when things did not go as planned.

When the 2010 Iceland volcanic ash incident started, I was in the midst of a multi-stop European business trip. I had flown into London from Spain, the night before, had a quick meeting at the London office, and was about to leave for more meetings in Malta when the announcement came through that the entire Western European airspace was closed to traffic. My fellow travellers, who had their travels booked through the usual corporate outfits, were on their own and on the phone with their respective airlines for hours on end to sort things out. I emailed Enzo to let him sort out the cancellation of the Malta trip and a few days later, he was able to rebook me on a flight home to Montreal when it was evident the airspace would reopen. I couldn't have picked a better place to be stuck in for an extra few days and my travel agent made sure I didn't have to the sweat the details of rearranging my travels. This incident really made me appreciate the value of using a good travel agent.

So if you are a frequent traveller, my advice is to build a good relationship with a competent independent travel agent to make sure you get the best deal for your bookings. They don't cost much, maybe $50 per booking if I remember correctly, and have access to deals that even the wonderful Google has yet to reveal (though it is a good idea to double check). When things go sideways, you know there is someone you can call upon to help sort things out. Not all travel agents are equal, so you might have to try out a few before you find the one. The agents make a bit more money on cruises and other vacation bookings, so make sure to send some of those business their way to reward their hard work. This is a worthwhile relationship to have in your life, even in the age of Internet travel deals.

Saturday, March 2, 2013

My online accounts have been hacked!

Since I run my own email server, I have the luxury of easily creating a unique email address for every vendor so that I can easily track who has sold me out or if their customer database has been breached, often before any official notice is issued. A few recent high profile breaches of my most trusted online service providers ...

I work in an industry that is under persistent risk of data breaches and leakages, so I am very conscious of the fact that no system can be absolutely foolproof against determined attackers. The key differentiator is whether the vendor has a good plan (aka a runbook) in place to deal appropriately with data breaches.

If you are one of my vendors, here's the recommended plan of action:
  1. Be honest. Come clean as quickly as possible so that your customers can take appropriate actions to clean up their end of things.
  2. Be truthful. Don't dress things up or cover them up in a feel-good rhetoric. Tell me what really happened and what I need to do to take care of business.
  3. Be transparent. Do communicate what you are doing and going to do to clean up this mess, and your plan to keep this from happening again. Don't overdo it, we are not family. An update every couple of days is good enough.
  4. Act decisively. Figure out what you need to do to fix the situation and do it quickly. Evernote's decisive action to reset all passwords is a good example.
  5. Apologise. We are human, you will be most likely be forgiven. A big discount for the next subscription renewal might help. Heck, think of this as a cost of marketing if you are doing it right.
  6. Show your customers that you don't give up! Customers like vendors who (think they) know what they are doing. Put up a good fight!
  7. Don't take it out on your team. After all, they have only done what you told them to do.
  8. Don't be too hard on yourself. You are only human. But be resolute to not make the same mistake twice. Be humble, seek advice from your peers and the experts.
As the consumer of online services, you know by now that you should not assume those with whom you conduct business, are safe from data breaches, no matter if they are big or small. You have to assume that your information will end up in the hands of unintended recipients at some point. You can be a victim or you can choose to proactively manage your risk. With that in mind, here's the recommended plan of action:
  1. If at all possible, give each vendor a unique email address for each account. This can be a real pain even if you run your own email service. But here's one way to do it with Gmail.
  2. Use a different/unique password for your account with each vendor. This is a pain, but it will spare you much more pain in the long run. There are many password managers that can help ease the pain.
  3. Change all your passwords at least once a year. Again, a pain, but password managers may help.
  4. Use strong/random passwords. This is not that difficult - pick a long phrase, take the first letter from each word - there's your password. Studies have also shown that 8-character or longer passwords are much more difficult to crack than shorter ones. This is a moving target with increasing computing power, but you have to start somewhere.
Bottom line, instead of blaming your trusted vendors or the baddies on the Internet, you are the masters of your own destinies. So much easier to take responsibility for yourself than to blame others. Good luck and take care!