I Said Yes to Every Upgrade in Las Vegas. Here’s What It Cost.

LAS VEGAS—Few places vacuum money from you like this glittering gambling and entertainment playground. That’s true for the visitors in town for Sunday’s Super Bowl —official motto: Excessive Celebration Encouraged. And it’s true for visitors any time, with the $US200 seats at the pool and the $US800 bottle service at nightclubs. All before you step onto the casino floor. You can fly here for as little as $US50 if you play your cards right. But people come to Vegas to spend, and the businesses here know it. This place hits travelers with potential upgrades every few steps. So I flew in for an experiment, a real-life version of the Jim Carrey comedy “Yes Man” (or “Yes Day” if you’re a Jennifer Garner fan). I said yes to every upgrade and VIP package to see just how much you get for your money, and what can be skipped. I had parameters. The $US3,999 helicopter ride to the top of Valley of Fire State Park for yoga was out. As was the $US4,000-a-night upgrade offer to a three-bedroom presidential suite at my hotel. Still, I cut lines, got a massage in the reserved seats at the Aria sportsbook during an NFL wild-card game, relaxed in a private lounge before a show at the Sphere , and drank a French 75 from a prime window seat at the Eiffel Tower Restaurant. In all, I spent $US976 to upgrade my Vegas visit. Was every upcharge worth it? Absolutely not. But a few are worth your money.

Yes, yes and yes

The offers began minutes after I booked a room for two nights at the luxury all-suite Palazzo resort. The price: $US480 before taxes and fees for two nights, a relative bargain on a holiday weekend in January. How much for a room booked last-minute for Super Bowl weekend? $US1,700 a night. I landed two upgrades after an email prompt gauged my interest: $US75 for early check-in and $US57 a night for a city view, the cheapest room category upgrade. Early check-in fees irk me , but this was worth it after my early flight. I was in the room by 11 a.m. The room was swank. The view of Treasure Island and the Mirage was nothing special.

A city view room at the Palazzo resort, where travel columnist Dawn Gilbertson paid an extra $US57 a night plus taxes to upgrade the view. PHOTO: DAWN GILBERTSON/THE WALL STREET JOURNAL

I headed to Area15, an arts and entertainment complex. First stop: Meow Wolf ’s Omega Mart, a popular immersive art experience that takes visitors into a bizarro grocery store that links to an alternate dimension. Admission is $US54; upgrading to a $99 VIP package promised to “enhance my experience” but bought me a souvenir pin, VIP lanyard, a cocktail and a 15% discount I didn’t use at the gift shop. Maybe the good stuff comes with the $US129 scavenger hunt package. (As I perused products like cans of faux La Croix in mashed-potato flavour and wandered a dizzying hall of mirrors, I wondered how many visitors upgraded with a trip to a local dispensary beforehand.) Admission to stroll around the rest of Area15 is free, but I upgraded to a $US35 pass, which included five attractions, the best of which was the outdoor Liftoff ride with great views of the Strip.

Cutting lines for crab legs

Many resorts here gave up the buffet business for good during the pandemic . The Wicked Spoon buffet at the Cosmopolitan of Las Vegas still packs them in. Saturday brunch had an hour-long wait during my visit. VIP line to the rescue! $US35 gets you a head start on the $US62 all-you-can-eat feast of snow crab legs, sushi and slow-roasted strip loin. The best part: The manager overseeing the line comped the fee because she said she enjoyed talking to me and a friend while we waited. (I never identify myself to employees as a Wall Street Journal reporter on these types of assignments.) Suddenly playing with house money, I sprang for the unlimited mimosa package for $US33 after tax and tip, to go with the brunch base price. There is a 90-minute limit, but I had places to be.

One movie, $US245

My colleague Jason Gay calls the Sphere, the giant orb that sits behind the Venetian, a “beach ball peaking on acid.” He paid $US539 to see U2 at the new venue. In the biggest single splurge on my trip, I paid $US245 to see a 50-minute movie there. The Director’s Seat package promised VIP entry, preshow lounge access with free beer, wine and snacks and a souvenir Sphere T-shirt. The VIP entry was the best perk, letting me skip the clogged Regular Joe lines. I was one of the first people in the atrium, where a humanoid robot named Aura chatted with me and a couple from Arkansas who also took the VIP plunge. The robot asked them the secret to their 55-year marriage. We met again in the nearly empty lounge before the Darren Aronofsky show “Postcard From Earth.”

Delta Sky Club this ain’t: The small food spread included soft pretzels with cheese and mustard. The bartender did dig out a great local IPA, Atomic Duck, and pointed me to the popcorn that VIP guests could take into the movie. The package promises premium seating for the show, a trip around the globe in which seats rattled when elephants or a jumbo jet rumbled across the giant screen.

My seat was good, albeit one row up and an aisle over from my friends who paid $US79 for their standard tickets. The final Yes Day in Vegas is a spendy blur: $US190 to watch the Lions and Rams duke it out in an NFL playoff nail-biter from a high-top table with food and alcohol included in a roped-off section at Aria Resort & Casino. The rest of the sportsbook was standing room only.

Then there was the $US40-a-person fee for the window seat at the Eiffel Tower Restaurant overlooking the dancing Bellagio fountains. The couple celebrating their anniversary one table back couldn’t believe I paid the fee. I left Vegas a little spoiled and out of sorts. When Southwest Airlines offered a $US50 upgrade to jump to the front of its boarding line on my flight home, I clicked buy. Can’t wait to explain that one to the folks in Expense Accounting.

As tech leaders race to bring Windows systems back online after Friday’s software update by cybersecurity company CrowdStrike crashed around 8.5 million machines worldwide, experts share with CIO Journal their takeaways for preparing for the next major information technology outage.

Be familiar with how vendors develop, test and release their software

IT leaders should hold vendors deeply integrated within IT systems, such as CrowdStrike , to a “very high standard” of development, release quality and assurance, said Neil MacDonald , a Gartner vice president.

“Any security vendor has a responsibility to do extensive regression testing on all versions of Windows before an update is rolled out,” he said.

That involves asking existing vendors to explain how they write software, what testing they do and whether customers may choose how quickly to roll out an update.

“Incidents like this remind all of us in the CIO community of the importance of ensuring availability, reliability and security by prioritizing guardrails such as deployment and testing procedures and practices,” said Amy Farrow, chief information officer of IT automation and security company Infoblox.

Re-evaluate how your firm accepts software updates from ‘trusted’ vendors

While automatically accepting software updates has become the norm—and a recommended security practice—the CrowdStrike outage is a reminder to take a pause, some CIOs said.

“We still should be doing the full testing of packages and upgrades and new features,” said Paul Davis, a field chief information security officer at software development platform maker JFrog . undefined undefined Though it’s not feasible to test every update, especially for as many as hundreds of software vendors, Davis said he makes it a priority to test software patches according to their potential severity and size.

Automation, and maybe even artificial intelligence-based IT tools, can help.

“Humans are not very good at catching errors in thousands of lines of code,” said Jack Hidary, chief executive of AI and quantum company SandboxAQ. “We need AI trained to look for the interdependence of new software updates with the existing stack of software.”

Develop a disaster recovery plan

An incident rendering Windows computers unusable is similar to a natural disaster with systems knocked offline, said Gartner’s MacDonald. That’s why businesses should consider natural disaster recovery plans for maintaining the resiliency of their operations.

One way to do that is to set up a “clean room,” or an environment isolated from other systems, to use to bring critical systems back online, according to Chirag Mehta, a cybersecurity analyst at Constellation Research.

Businesses should also hold tabletop exercises to simulate risk scenarios, including IT outages and potential cyber threats, Mehta said.

Companies that back up data regularly were likely less impacted by the CrowdStrike outage, according to Victor Zyamzin, chief business officer of security company Qrator Labs. “Another suggestion for companies, and we’ve been saying that again and again for decades, is that you should have some backup procedure applied, running and regularly tested,” he said.

Review vendor and insurance contracts

For any vendor with a significant impact on company operations , MacDonald said companies can review their contracts and look for clauses indicating the vendors must provide reliable and stable software.

“That’s where you may have an advantage to say, if an update causes an outage, is there a clause in the contract that would cover that?” he said.

If it doesn’t, tech leaders can aim to negotiate a discount serving as a form of compensation at renewal time, MacDonald added.

The outage also highlights the importance of insurance in providing companies with bottom-line protection against cyber risks, said Peter Halprin, a partner with law firm Haynes Boone focused on cyber insurance.

This coverage can include protection against business income losses, such as those associated with an outage, whether caused by the insured company or a service provider, Halprin said.

Weigh the advantages and disadvantages of the various platforms

The CrowdStrike update affected only devices running Microsoft Windows-based systems , prompting fresh questions over whether enterprises should rely on Windows computers.

CrowdStrike runs on Windows devices through access to the kernel, the part of an operating system containing a computer’s core functions. That’s not the same for Apple ’s Mac operating system and Linux, which don’t allow the same level of access, said Mehta.

Some businesses have converted to Chromebooks , simple laptops developed by Alphabet -owned Google that run on the Chrome operating system . “Not all of them require deeper access to things,” Mehta said. “What are you doing on your laptop that actually requires Windows?”