The Clouds Hotel & Resort: escaping an all-in-one ISP contract

The Clouds Hotel & Resort is a 45-room boutique property in Arambol, North Goa — the kind of independently-run operation that makes up most of Goa's hospitality market. Like many hotels its size, The Clouds had no in-house IT team. Three years ago, when its internet provider offered to bundle everything — in-room Wi-Fi, CCTV, intercom, guest network, general IT support — into one monthly contract, it looked like an obvious win. One vendor, one bill, one number to call when something broke.

By the time we were engaged in early 2025, the picture looked different. The monthly bill had climbed from ₹52,000 in year one to ₹71,000 by year three — a 37% increase, most of it absorbed silently at each renewal. A guest dispute had surfaced gaps in CCTV recording that the hotel couldn't independently audit because the ISP controlled access to the NVR. The renewal for year four was approaching. The owner's brief to us was direct: is there a better way, and if so, can we get there without losing a season?

Why the bundle fails

ISP-bundled hotel IT is seductive because it solves a real problem — small hotels genuinely don't want to deal with IT. But the structural issues are consistent across properties:

Single point of failure. When everything runs through one provider's infrastructure, an ISP outage takes down internet, cameras, intercoms and billing simultaneously. In Goa, where monsoon cable damage is routine, one-provider setups create risks no hotel can afford during peak season.

Lock-in by design. The ISP owns the passwords, settings and often the hardware itself. Switching means 2 to 4 weeks of rewiring and staff retraining — operationally untenable during season. The provider knows this, which is why annual escalations of 8 to 12% are routine at renewal.

Product bias. ISPs make more money selling their own cameras, access points and intercoms. Every recommendation tilts toward their catalogue, regardless of what the property actually needs.

Wrong kind of expertise. ISPs are good at delivering bandwidth. Hotels need PMS integration (Opera, IDS, eZee, Hotelogix), PCI-DSS-compliant payment segmentation, FRRO-compliant guest Wi-Fi logging, door-lock network isolation, channel manager integration. When the billing system stops talking to the card machine at 11 PM on New Year's Eve, a generalist ISP technician is not the right person to call.

Misaligned legal exposure. The least-understood and most expensive to get wrong. Under Indian IT Act provisions and CERT-In directives, the hotel is the data fiduciary for guest information — not the ISP. But when the ISP manages everything, guest Wi-Fi data, CCTV footage, phone records and Form-C foreigner registration submissions all pass through their systems. If there's a breach, the ISP's liability is capped at contract value. The hotel's regulatory and reputational liability is not.

The five-year picture

Before recommending anything, we put together a five-year total-cost-of-ownership comparison for a 40-to-50 room property:

ISP-bundled package: no upfront cost, ₹45,000 to ₹75,000 monthly, 8 to 12% annual escalation, zero owned assets at the end, renewal quote waiting.

Independent setup: ₹4 to 8 lakh upfront, ₹15,000 to ₹25,000 monthly for bandwidth plus AMC, minimal escalation, owned infrastructure at the end, no renewal trap.

Break-even between the two models lands at 22 to 30 months. Over a full five years, the independent setup is 30 to 45% cheaper. After break-even, the hotel owns equipment and institutional knowledge rather than walking into another round of renewal pricing. For The Clouds specifically — already three years into the bundled model — they'd already spent most of what a full independent setup would have cost, and had nothing to show for it.

A property-appropriate architecture

The replacement architecture separated concerns cleanly, with each component owned by whoever was best placed to run it:

Internet bandwidth — from the ISP, but as a pure bandwidth service only, with a second provider added for redundancy. If one line drops, the other keeps service running.

In-room Wi-Fi, CCTV, intercom and access control — owned hardware, specified to the property's actual floor plan and guest profile, maintained under an AMC contract with a local hospitality-focused IT partner. The Clouds owns every piece of equipment; the AMC partner keeps it running.

Guest Wi-Fi portal and CCTV/NVR — FRRO-compliant captive portal with logs stored on hotel-owned storage, and CCTV on an isolated network segment with administrative access held by the owner. No more waiting on a vendor to pull footage when a dispute comes up.

Payment systems — properly segmented from guest and staff networks, PCI-DSS-aligned from day one.

Compliance review — annual independent audit covering FRRO, PCI-DSS and CERT-In directives. Not outsourced to the same vendor that runs the systems.

Transition without losing a season

The biggest practical concern was timing. Pulling equipment out and rewiring a functioning hotel during peak months was not an option. We planned a 60-day phased cutover spanning the shoulder between peak and off-peak, switching services one at a time — bandwidth first, then Wi-Fi, then CCTV, then intercoms, then access control. At each stage the old system stayed live as a fallback until the new one was confirmed stable. Staff training ran alongside, so by the end of the 60 days reception and maintenance teams could handle routine tasks — resetting a guest Wi-Fi password, reviewing CCTV footage, restarting a router — without calling a vendor.

Outcomes

Year-one savings: ₹3.8 lakh. The monthly run-rate dropped from ₹71,000 under the ISP bundle to approximately ₹19,500 under the independent setup (two ISP bandwidth lines plus AMC). Annualised, that's a ₹6.2 lakh reduction. Netting out the upfront investment, The Clouds saw ₹3.8 lakh of net savings in year one. Year-two savings, with no further upfront costs, sit closer to ₹6 lakh.

CCTV under hotel control. The owner can now pull footage independently, audit for gaps, and share evidence without going through a vendor.

Compliance posture improved measurably. FRRO Form-C submissions, PCI-DSS segmentation and CERT-In-aligned logging are now configured by people whose primary accountability is compliance — not bandwidth uptime.

Guest Wi-Fi experience improved. ISPs optimise Wi-Fi for contract uptime targets, not for smooth Netflix or Zoom in a specific room layout. The new design prioritises what actually matters to guest reviews: consistent signal in every room, no dead zones, proper bandwidth allocation during peak occupancy.

When the bundle does make sense

Not every hotel should walk away from an ISP bundle. Two scenarios where the bundled model is genuinely the right answer:

Very small properties under 15 rooms, where the upfront investment in owned equipment is disproportionate to operational scale.

Temporary bridges, where a new property is opening and needs immediate functional IT while a proper independent setup is being designed and procured.

For everyone else — 20 rooms and up, operating for more than a year or two — the numbers almost always favour the independent path. The Clouds is representative, not exceptional.

What this engagement demonstrates

Hotels don't fail at IT because hotel owners are bad at IT. They fail because the IT market has structured a product — the all-in-one ISP bundle — that optimises for the vendor's renewal economics rather than the hotel's operational reality. The same market structure exists in other SME sectors, with the same pattern: a bundled managed service that looks cheap on arrival and is hard to leave on departure.

The alternative isn't more complicated. It's just separated. Bandwidth from a bandwidth provider. Hardware the hotel owns. Services run by people who specialise in what hotels actually need. Compliance reviewed by someone with no stake in selling you more bandwidth. For any Goa hotel looking at an imminent contract renewal, the first step is not negotiating harder — it's asking whether the bundle should exist at all.