On a daily basis and for different applications, people interact with Information Technology (IT) at work and at home. The wide applications of IT directly apply to the hotel industry. At present, no hotel can maintain its competitiveness without the assistance of IT. The richer the customer information stored in a database, the more comprehensive level of services can be provided, and a higher level of customer satisfaction can be achieved. With the majority of computer servers attached to the Internet, the opportunities of customer data being inappropriately accessed by intruders have, unfortunately, increased dramatically. In addition, virus and worm attacks could create security flaws for hackers to gain access to hotel customers’ confidential data like credit card information. To protect their valuable information, hotel IT managers have to ensure that their networks are well-protected. Furthermore, hotel operations are now heavily IT-dependent. As such, good disaster recovery planning can ensure the business continuity during system downtime. This study presents the findings of the experience of 32 Hong Kong hotel IT managers who shared their hotels’ current IT security policies and disaster recovery preparations.