CHICAGO, IL – NOVEMBER 30: A sign marks the location of a J.W. Marriott hotel on November 30, 2018 in Chicago, Illinois. Marriott says their Starwood guest reservation database was hacked, compromising the security of private information for up to 500 million hotel customers. (Photo by SCOTT OLSON / GETTY IMAGES NORTH AMERICA / Getty Images via AFP)
- Data security is a priority in the hotel industry following increased digital transition and high-profile data breach incidents.
- Seamless interconnectivity and expanding use of technology is part and parcel of the hospitality industry.
- Research revealed that half of the hospitality industry decide to pay a ransom, while studies show that only 26% end up having their data unlocked by hacker.
Data security is a priority in the hotel industry following increased digital transition and high-profile data breach incidents. Failure to keep data safe can incur more than just financial loss and trust and reputational damage, which could have a more lasting effect. In an industry already battered by the pandemic and rising competition from alternative lodgings, losing customer confidence isn’t the way forward in 2022.
Stolen data from a hotel could include personal information that can be used to commit identity theft. This can comprise names, emails, to credit card details. These details can also be used to open financial accounts, take out loans, file fraudulent tax returns, and more.
Research revealed that half of the hospitality industry decide to pay a ransom, while studies show that only 26% end up having their data unlocked by hacker.
Data security is essential due to the heightened risk of fraud and identity theft
“As a result of the breach, consumers have been exposed to a heightened risk of fraud and identity theft and must now closely monitor their financial accounts to guard against misuse. Consumers may also incur out-of-pocket costs for purchasing credit monitoring services, credit reports, credit freezes, or other protective measures to deter and detect identity theft,” Berger Montague, co-lead counsel in a class-action lawsuit against MGM Resorts, wrote on its website. The lawsuit pertains to a data breach compromising the personal information of more than 200 million guests staying at an MGM property through the end of 2017.
Seamless interconnectivity and expanding use of technology is part and parcel of the hospitality industry. The convenience and efficiency that tech provides for a more productive workforce become an essential ingredient in serving the best experience for the guests.
Cyber defense strategy is imperative
Wi-Fi is already an expected amenity. Due to the pandemic, hotels look to manage every aspect of guests’ hotel interaction via their smartphones to limit physical contact. Hotels are now equipped with touchless and guest room technology, such as streaming services, smart-home devices, and keyless entry. These are becoming the pull factors when guests consider their accommodation options.
The hotels, too, are increasingly relying on social media and big data for more effective marketing purposes and gaining insights to understand what their guests want and serve them better. Every endpoint can be synchronized to a centralized system which allows for a one-pane view of the whole hotel operation from end to end, integrating everything from its property management systems and revenue management systems to bookings and business intelligence software.
This need for hyper-personalization in guest experience and interconnectivity between all aspects of the business means the hotel collects and stores more data. The surface area and point of entry for a cyberattack are more extensive. Thus, hotels are always a prime target for the bad actors and as such, having a cyber defense strategy is imperative.
Ways that hotels can protect themselves against malicious cyber assaults
While nothing is foolproof, here are some of the ways that hotels can protect themselves against malicious cyber assaults and amp up their data security:
- Ensure its cybersecurity measures, including that of its vendors and third parties involved in the hotel operations, are up to industry standards and comply with data protection regulations such as GDPR, SOC-2, PSD2, PCI, NIST and more.
- Keep up to date with cyberattack incidents and trends to keep pace with the techniques the criminals are using and educate and train staff in cybersecurity best practices.
- Apply the latest patches and upgrade legacy technology to plug any known vulnerabilities and capitalize on the most modern security protocol and systems
- Put in place robust data protection and disaster recovery measures, such as immutable storage, to prevent data from leaking and lessen downtime.
6 March 2024