Denial-of-Service (DoS) attacks account for approximately 20% of hospitality cyber incidents.
2018 Data Breach Investigations Report. Verizon
Nearly 9 out of every 10 data breaches in the hospitality sector affected a Point-of-Sale (PoS) system where card-present transactions occur.
2017 Lodging Technology Study, Frictionless Hotels: Enabling the Omni Experience. Hospitality Technology
74% of hotels do not have breach protection.
Data Breach Costs Will Soar to $2T: Juniper, cuna.org, May, 2015
Business travelers work everywhere.
Lobbies, business centers, restaurants and hotel rooms all double as mobile offices at times. Therefore hotels must treat their guestrooms and event spaces like mobile offices, complete with data security practices and policies in place, or risk serious financial and reputational consequences. Ask yourself these questions to find out if your hotel is secure:
Do you meet regularly with your legal team about data use?
You could be mishandling guest data and not even know it. Actions like combining personal identifiers or not getting explicit consent for using data in certain ways could mean that you are breaking a privacy law in your own country or in the country of your guests. Meet regularly with your legal team to stay up-to-date on how you are using guest data and to remain compliant.
Do you provide locked filing cabinets for guests?
More often than not, sensitive paper documents accompany business travelers. In addition to safes, give guests the option to have a locked filing cabinet in their room, especially if they are staying for an extended period of time.
Train staff to spot insider threats?
The nature of hotel environments means that many people potentially have access to sensitive guest data. Keep your guests secure by training your employees on how to identify insider threats or suspicious behavior.
Give guests the option to connect to wired network ports?
Guests working with sensitive information on their devices may be wary about connecting to WiFi access points. By allowing them to connect directly to a network port, you provide them with added security.
Know what to do with confidential data during an evacuation?
Your hotel should be aware if an event or meeting on your premise involves discussing sensitive or proprietary information. Ensure that you have a plan in place to protect the sensitive information displayed on the screen or distributed to attendees in the event of an emergency or an evacuation.
Educate guests on your security practices?
When guests arrive, provide them with useful information about the security features they can access, such as where to access locked storage, on-site shredding and network ports. You can also equip them with general data protection tips to help them keep their information secure during their time at your hotel.
Provide access to secure shredding & locked consoles on-site?
Business travelers may need to securely destroy airline tickets, receipts, printed presentations or other sensitive documents. Provide guests with access to locked consoles in the lobby and regularly schedule document destruction through a provider with a secure chain of custody.