February 13, 2018

Hotel Security: What All Guests Can Do to Protect their Confidential Data


Whether you’re checking into a hotel room for business or a personal occasion like Valentine’s Day, it's important to know that industry experts are sounding the alarm on data security.   

Information thieves are increasingly targeting hotels because of all the personal information they collect and store. There are many interconnected points of contact too, from reservations and payment processing to rewards programs and personalized guest services – and that means a breach can spread quickly across the enterprise.

Hotels account for 92% of all point-of-sale intrusions in the hospitality industry, according to a 2017 Verizon Data Breach Investigations Report. Malware is the choice strategy used to target customer credit card data in the hotel network.

To fight potential breaches, hoteliers must implement the strongest possible safeguards to protect data, and a culture of security should extend throughout an organization.

But hotel guests can do a lot to protect themselves too. Here's a checklist:

  • Check accommodation reviews. Online reviews can say a lot about the hotel’s security posture, and many hotels post their Data Protection Policy too. Avoid hotels that lack security. 
  • Think about the confidential data you are packing. Leave some ID at home, and don’t bring sensitive data that might be stolen or lost.
  • Password-protect mobile devices. Use every available safeguard to protect mobile devices. Passwords will make it tough to get into a phone if it is stolen or lost.
  • Guard devices. Never leave devices unattended in hotel common areas. Use a privacy screen if you tend to use devices in the hotel coffee shop.
  • Turn off automatic Bluetooth connectivity.  When connectivity is open, a cyber criminal, set up in the lobby, for example, can pick up the signal and gain access.
  • Avoid public Wi-Fi.  Hackers can set up fake Wi-Fi access points (APs), and trick victims into connecting to them. Most hotels provide a password-protected network for guests, and that’s the one you should use. Also, consider a Virtual Private Network (VPN) for a secure encrypted connection between your device and the server.
  • Be cautious when using hotel technology. There have been reports that criminals have modified USB charging stations in common spaces to inject malware into devices that travelers plug in. Instead, bring your own chargers. If using a public computer, avoid sending sensitive information, and always log out of accounts when done.
  • Keep track of credit cards. Get into the habit of checking sensitive financial accounts. Speak to your bank about receiving notification by text, for example, whenever your credit card is used.   
  • Always protect your confidential information. Don’t leave your laptop, USB or wearable technology lying around the hotel room. Many hotels provide lockable safes in rooms. Avoid tossing confidential information on paper into the garbage bin in the room. Take it with you or ask the front desk to have it securely destroyed. The hotel should partner with a professional document destruction company that provides secure destruction services for paper and digital data.  

Start Protecting Your Business 

To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.