At the Point-of-Sale (PoS) Terminal
The hospitality industry leads the way in terms of Point of Sale intrusions with 87% of PoS breaches.2 Fraudsters have multiple points of entry since payment card data is widely distributed through the hotel, most hotels have multiple PoS terminal locations, and card information often arrives at the hotel long before a guest arrives.
Lack of Private Information Safeguards
Research has shown that 74% of hotels do not have breach protection. Less than half use end-to-end encryption, which protects cardholder data, and tokenization, which protects personal payment data at payment terminals.3
Data Interconnectivity Within Hotel
Due to the interconnection of hotel shops and services, such as restaurants, dry cleaning, spa, in-house business centers and more, a data breach can spread quickly across the one location, making it more complex and costly.
High Hotel Employee Turnover
Hospitality workers are on the front lines when it comes to customer service – and data security. But hospitality positions tend to have a high turnover rate which can affect real-time data security. Some studies show turnover rates among non-management hotel employees are close to 50%.4
Risks from Third-Party Vendors
The hotel industry shares a lot of confidential data with airlines, car rental companies, retail organizations and other third-party vendors. Studies have shown that approximately 60% of Chief Information Security Officers (CISOs) express some concern about third-party security practices and the risk of a data breach.5
While the theft of mobile devices, confidential information, and other valuables are always a concern, the interconnection of computerized systems means that a network breach with ransomware or other malware can affect structural parts of the hotel too. This includes door locks, heating and air, and electrical systems.
Lack of Mobile Security Management
Nearly one-third (32%) of organizations in a recent survey admitted to sacrificing mobile security to improve business performance. Mobile technology affects many systems in a hotel, including property-management systems, PoS systems, door locks, messaging systems and more.6
As the hotel industry incorporates new technology, systems and software, stored or improperly-disposed of legacy assets can increase the risk of an attack.