November 07, 2017
Hotel chains around the world have been in the spotlight pretty consistently due to high profile data breaches.
Information thieves target hotels because of all the confidential and personal data these organizations handle. But while cyber security seems to get all of the attention, don’t forget that paper documents are still an important part of hotel business too.
Customer credit card numbers are by far the most sought-after data. According to Verizon‘s 2017 Data Breach Investigations Report (DBIR), accommodation took the lead in point-of-sale intrusions with 87% of breaches. As EMV (smart payment) chip card processes are increasingly adopted, attackers are expected to shift to hotel contact centers where clerks often write down phoned-in reservation information.
Other guest data can be used in identity theft schemes too. This includes names, addresses, phone numbers, loyalty program details, and even boarding passes. This kind of information comes from many different sources – online, faxed, third-parties, phone, walk-ins, and theft – and that makes security more challenging.
Corporate information is also valuable and includes revenue policies, food and beverage operations, customer and supplier information, research and development, and sales and marketing.
Employee information held by the HR department includes everything from applications and medical records to payroll, performance evaluations and training information. Employee turnover in this industry is high.
Social media is important. Research has shown that when guests engage with a hotel brand, they’re nearly 40% more likely to return. Fraudsters get personal information from social media sites too.
With the average cost of a data breach coming in at $3.62 million according to a 2017 Ponemon study, hotels must create a culture of security throughout their organization.
Here’s a checklist.