Skip to main content

Home/ Hospitality Technology/ Group items tagged encrypted

Rss Feed Group items tagged

marilyn diaz

Thieves Won't Wait. Neither Should You. | hospitalityupgrade.com - 3 views

  • data is under attack
  • the most afflicted industry was accommodation/foodservice
  • use a combination of hacking and malware (61 percent).
  • ...11 more annotations...
  • success stealing data “in transit” (62.5 percent) versus stored data (28 percent)
  • What this tells us is hotels and restaurants need to do more to protect sensitive payment data and be proactive in keeping up with the hackers and thieves. We also need to pay particular attention to properly securing data as it moves through the merchant IT environment.
  • Point-to-point encryption (P2PE) is a technology
  • has only recently gained momentum in the hospitality sector.
  • P2PE places “data in motion” in a wrapper that can only be decrypted by an endpoint that has the requisite key.
  • The goal of point-to-point encryption technologies is to encrypt as close to the point of entry as possible and guard against thieves who attempt to install sniffing/hacking software on a merchant’s network.
  • P2PE solutions can significantly reduce a merchant’s card data environment, mitigate potential breaches and simplify PCI DSS validation efforts.”
  • You should also understand the types of cards and transactions that can be encrypted. Does the solution encrypt both swiped cards and manually entered cards? Does it encrypt online transactions, as well as on-site or card-present transactions? Is the solution tamper resistant and, what happens if an attempted breach occurs? Where is the HSM (hardware security module) located? Even if data were to be intercepted, is it rendered unusable to cyber thieves?
  • A hosted solution will shift much of the burden of responsibility to the third-party provider and free you from having decrypted data in your environment.
  • Keep in mind, there is no single silver bullet when it comes to payment security. Even with EMV, stolen cardholder data could be used for a fraudulent online transaction. Merchants should implement a variety of technologies and techniques as part of a multi-layered approach to security that ultimately includes EMV to protect against counterfeit card fraud, tokenization to protect data at rest, and P2PE to protect data in-flight.
  • Thieves won’t wait for a unified approach and specification, and are looking to access your valuable data now. By taking a proactive approach to security that includes point-to-point encryption, asking the right questions, choosing trusted partners and keeping yourself updated, you can protect your customers’ data and your reputation.
  •  
    This article deals with the theft that happens on a daily basis in the hospitality field. It happens when credit cards are used to pay for something, like a reservation, and thieves want the information, so they can use your credit card number for whatever intentions they may have. As the article states, "our data is under attack". I can relate to those people that have had credit card numbers stolen, because it has happened to my husband and me, and it is a horrible feeling trying to get your life back on track and recover your money.  I think it would be a great idea, with some research, to get the point to point encryption technology in a field where credit cards are used so often, not only to cover the business (hotel), but also to protect the guest, so they feel at easy when they travel on vacation or business.  The overall point of this technology is to encrypt the information as close to the point of entry, i.e. the swiping of the credit card, as possible. This would in turn "significantly reduce a merchant's card data environment", as the program would encrypt the information so that hackers cannot access the customer's information. As I mentioned earlier, questions should be asked before buying this technology, as there is always something new on the market that may be better. Credit cards are not always swiped, but can also be manually placed in the system, so you want to make sure, that both transactions are protected. Overall, the establishment should always be concerned about the customer and their safety, whether physical or mental and always be prepared for the worse.
  • ...1 more comment...
  •  
    Marilyn, This is a great article and I wish this type of technology was everywhere because like yourself I have credit card numbers stolen before and it is a long process to end that. Working in the hospitality industry we would need to make sure that it is everywhere that a credit card is entered whether that being swiped in house, typed in the system manually, or even processed via the internet. In the hospitality industry we should be very aware of our guests safety and like you mention it is not only just physical safety that is a concern it is the mental state as well making sure the guests credit cards are safe and do not have a chance of being stolen by a hacker. This is a great article, keep up the good work!
  •  
    Great article! Personally after being a victim of credit card fraud, I'm very apprehensive of where I shop, who handles my card and how long it takes them to return it. I recently cancelled a large purchased after the cashier insisted on rubbing my card number on the reciept after the transactions had be approved. In my mind, I was thinking "If I let you do that, then I've open the door for anyone to charge thousand of dollars. I don't think so." As a manager, who hands credit card numbers for manual input, I'm very cautious of them and want to insure that they don't get into the wrong hand. Aftern each transactions is approved, that number is shredded and the credit card machine is batched out. Companies don't realize how important it is to PCI compliant. The risk in exposing sensitive information of our clients and customers can cost thousand of dolllars in fines and fee, in addition to the lost of that customer/client.
  •  
    Marilyn, Great Article...as a Front Desk Manager, it is my responsibility to randomly check our computers to ensure employees are not placing USB driver to collect data from our system. Our company has taking this a step further by putting metal locked case around the PC to avoid possible fraudulent activity. If we have to open a PC, we must log it to show proof why a PC became unlock. Companies should adopt similar procedures to protect the consumers/guests. Nelson
jordanskj

10 Ways to Reduce Cybersecurity Risk for Your Organization | UpGuard - 0 views

  • ‍Cybersecurity breaches have been on the rise, and it's expected that by 2023, they'll have grown to 15.4 million
  • Make sure all your sensitive data is encrypted
  • Saving your data in normal-text format only makes it easy for hackers to access
  • ...10 more annotations...
  • Some data encryption software even lets you know when other people try to alter or tamper with the information
  • You should also conduct regular backups for your important information
  • statistics show that over 3.4 billion phishing emails are sent globally
  • a hacker may send an email impersonating leaders in the organization asking for personal details
  • make sure you use a patch management system to automatically manage all updates and uphold information security
  • over 80% of organizational data breaches result from weak passwords
  • Chances are that your cyber security is highly dependent on third-party vendors, which is why you can’t afford to ignore vendor risk management
  • Conduct a security assessment and determine whether your critical infrastructure is safe from security breaches.
  • have your IT security teams analyze all server logs frequently and conduct cybersecurity framework audits to make sure their integrity is intact.
  • you should defend your networks from cyber attacks by installing firewalls
  •  
    In this article, the author discusses many different ways to help a business reduce their risk for cyber attacks. The article touches on a statistic about cybersecurity, stating "During the first half of 2021 alone, over 118 million people were impacted by data breaches". There is quick talk about how the policies that a business implements is the make or break of the cybersecurity for your business. For example, one of the main tips to reduce cyber attacks in your business is to make sure your data is encrypted. "Saving your data in normal-text format only makes it easy for hackers to access. Data encryption, on the other hand, limits data access to parties that have the encryption key". Another tip to prevent cyberattacks highlighted in the article is to keep all your employees educated and informed about malicious emails. Conducting regular employee trainings about the dangers of these types of emails could save your business. These types of emails are known to send links that could hack the system, as well as pretend to be higher-up employees in the company asking for personal data or financial information. The article is extremely educational to every business, as well as just the everyday consumer. Keeping your confidential information as confidential as physically possible is very much doable, as long as you make sure you follow these 10 simple tips.
Christina Eveillard

Security challenges with cloud computing services - 0 views

  •  
    One of the major issue of cloud computing is encryption, which is the process of transforming information to make it unreadable to others users.  Encryption arises as a problem in cloud computing because not all the companies that are providing the service of cloud computing but not the encryption services which is very important for the safety on the data of the customers. When choosing to use cloud computing, it is important to find out al the services that the cloud offers because without the encryption services, the security of the data also decreased said Subra Kumaraswamy a senior security manager at Sun Microsystems INC.   Another issue when it comes to cloud computing is authorization because not all providers can control who can access their data, which make the data vulnerable to hackers.  In my opinion before someone decide to use the cloud computing it is important that the customers make researchers about the feature  and services that the cloud is using to make sure that is the best option for the company 
Adilen Alfonso

Encryption: The New Buzzword in Data Security | hospitalityupgrade.com - 0 views

  • n practical terms, that means that even if a hacker succeeded in penetrating a merchant’s payment system environment, either for face-to-face or online transactions, cardholder data would be rendered unreadable to the thief.
  • Data field encryption can represent an effective security layer by eliminating any clear text cardholder data either in storage or in transit,
  •  
    This article describes the importance of credit card security in the hospitality industry. End-to-end encryption (data field encryption) protects credit card consumers' information from hackers. In 2008, 50 percent of card hacks were targeted at hotels and restaurants, therefore, the industry is cracking down on the security of consumer data. Basically, the data encryption acts as a layer of extra security by erasing any consumer data that is left in transist after the transaction is made. The implementation of it is very important,there are still industry standards being put into place so that it can work efficiently. Visa is one of the forerunners that developed and published information on the best practices for the encryption.
  •  
    Data field encryption can be the solution to protect the credit card information of the guests. Nowadays there are still problems with cardholder data in many establishments such as bars, restaurants, shopping stores, and hotels.
  •  
    I think its one of the best security tools that the industry could adopt. It is such a common way for hackers to gain information and money, that it is often over looked. I for one have never given it much thought when I give my credit cards at hotels, but it will definitively be in the back of my mind from now on.
jlewinsky

Hotels: Are Your Cyber Defenses Ready for 2021? | Hospitality Technology - 0 views

  • Two of the top five biggest data breaches made public in 2020 were at hotel chains. Attackers stole personal information including names, emails and addresses from 5.2 million guests at Marriott and 10.6 million guests of MGM Resorts.
  • To ensure a swift recovery from COVID-19, the hospitality industry must shore up its cybersecurity protections — or risk more headline-making breaches in the future.
  • Risk is especially high at hotels because attackers have multiple points of entry.
  • ...14 more annotations...
  • Breaches undermine hospitality brands’ reputations and erode customer trust. Eighty-one percent of consumers will stop engaging with a brand after a breach, according to a 2019 study.
  • Guests may share their credit card numbers with the hotel in advance via a booking app or website, opening up the possibility of web-based attacks. Loyalty programs are another source of online vulnerability, with an estimated $1 billion a year lost to account fraud and related crimes.
  • However, one of the biggest vulnerabilities may be on the hotel grounds themselves.
  • hotels have multiple point of sale (POS) terminals across different locations, from the front desk to restaurants, all of which are connected to each other. If a POS device is not properly secured, attackers can use malware or other attack vectors to steal clear-text credit card numbers and other data.
  • POS attacks remain one of the most common causes of data breaches in accommodations and food services.
  • When it comes to cybersecurity, companies today have two options: Defend the fort or devalue the data. The former is the more traditional approach. By strengthening the digital “walls” around your data — via firewalls, intrusion detection, 24/7 monitoring and other security protections — the defend-the-fort approach works to keep attackers from accessing your systems at all.
  • One important and underutilized aspect of cyberdefense is employee training.
  • Make sure your employees use strong passwords and know how to spot fraud and spear phishing attacks. You may also want to limit employee access to confidential data, so if an account gets hacked, private guest information doesn’t go with it
  • You should also make sure your software is up to date with all security patches, as attackers often exploit known weaknesses in programs. Isolating POS devices from the rest of the network can also limit the damage from malware infections at that entry point.
  • it’s unlikely that even the strongest digital “walls'' will prevent all incursions. Defenses are important, but the ever-changing nature of technology means that new, hard-to-catch vulnerabilities will pop up all the time.
  • important to devalue your data, rendering it unusable to attackers who gain access to your systems. One way to do this is to implement point-to-point encryption (P2PE) by encrypting payment information from the moment it enters your network at the POS
  • Encrypted data is unintelligible to anyone who doesn’t have the right digital key. Implementing P2PE is the only way to ensure that clear-text payment data doesn’t fall into the hands of attackers targeting POS systems with malware.
  • Data that’s stored for the long term, like passport information or credit card numbers saved to a loyalty program, can also be devalued through tokenization. Data that’s tokenized gets replaced with an alphanumeric pseudonym, so the actual sensitive information isn’t stored on your servers. This method helps secure guest information beyond the initial transaction at the POS.
  • Hotels that reckon with their security vulnerabilities now will protect themselves from fines and other fallout from data breaches as business rebounds. They’ll also build deeper, more trusting relationships with customers by keeping their personal information secure. By strengthening security protections and devaluing their data, hotels can set themselves up for a brighter future. 
  •  
    This article describes the vulnerabilities in the security systems of the hotel Industry. The POS system was recognized as one of the most vulnerable areas that are more targeted by hackers. This is due to the multiple stations where the POS systems are located on the premises of the hotel. Likewise having POS systems independent of the hotels security system left the system open to hackers. Two options to defending the cyber-defense, are digital walls and employee training. Digital walls works by keeping hackers from accessing the systems. Although even with a strong firewall it is recommended to implement point-to-point encryption (P2PE), this encrypts payment information of guest. the other is tokenization. This uses alphanumeric pseudonym to protect data stored for long periods of time. Another way to prevent cyberattacks is employee training, encourage the use of strong passwords an dhow to detect fraud and phishing attacks.
demax85

Boosting the efficiency of your POS system - Information Age - 2 views

  • Point-of-sale systems are critical to managing stock, tracking orders, recording customer details, logging hours and numerous other activities that enhance customer service and boost employee performance.
  • Due to the increasing demand to serve customers quickly, POS systems need to be fast and durable.
  • As retailers continue to focus on prioritising customer service, their IT systems need to do more than just process transactions.
  • ...8 more annotations...
  • One survey found that 80% of consumers are not willing to wait longer than five minutes in a queue.
  • SSDs enable systems to boot up faster, load data almost instantly and increase overall productivity.
  • However, the price of SSDs has reduced significantly and they are now widely accessible.
  • By installing SSDs into your POS systems, you will notice an increase in productivity and efficiency. POS systems are subject to a range of environments where their durability is tested.
  • They are often prone to shock, bumps and vibrations which could break the hard drive. However, as SSDs have no moving parts there is nothing delicate to break.
  • Data stored on retail systems is an asset and a liability. Self-encrypting SSDs use an encryption engine built into the hardware that encrypts every file.
  • Not only will individual POS systems work better, but the organisation will be more efficient. When everyone is working faster, retailers can serve customers more effectively, beat the competition and make more sales.
  • Point-of-sale (POS) systems are now a vital component of ‘bricks-and-mortar’ retail
  •  
    This article is talking about having POS with solid state drives. They do not have moving parts so they are not as delicate as the HHD hardware. Retailers not only want to be efficient in how they run their business by having a reliable POS system but they also want to boost customer service by having a system that works faster. As technology moves at a faster pace, customers are also looking for quicker service. The SSD hardware is self-encrypting, protecting customer data, it boots up faster, energy efficient using less power from the POS and are now widely accessible.
  •  
    This is a great article that looks at the positives of the SSD hardware. I think that the main positives to our industry would be, as you noted, the encryption of consumer data, and the speed of the transactions. Customers are very aware that their information can be hacked if the POS doesn't provide an extra layer of protection and this hardware looks to give customers a sense of security. As for speed of the transaction, the data is absolutely accurate regarding whether a person will wait for something to process, or move on to another option. One example is the unattended POS system we spoke of earlier speeding up transactions at restaurants and hotels, whereas having this option in your POS wil just increase efficiency and speed. Thanks for the article!
lin liu

The latest from HTNG - Hotels unpack the future of credit card security | Hotel Management - 0 views

  • The Framework is aimed at reducing the cost and complexity of satisfying the Payment Card Industry Data Security Standards (PCI-DSS),
  • Travel Daily News reports that the new Framework calls for tokenization to encrypt the credit card information at the point-of-swipe.
  • Bloomberg BNA reports that on Feb. 14, the Council released new guidance for merchants who accept payments on mobile devices.
  • ...2 more annotations...
  • February also saw the release of the Council’s guidance on security and cloud computing.
  • The Council goes on to note that cloud computing remains an evolving technology, and merchants must be careful to evaluate competing cloud services and establish clear security policies and procedures.
  •  
    Hotels have to comply with Payment Card Industry Data Security Standards, which are constantly updated since technology is developing. Also, 'the hotel industry has unique vulnerabilities to credit card theft', since the cards should be available over the long period of time, and to different 3rd parties as well. The new technology will encrypt credit card information at the point-of-swipe, and the number never gets to any other place in the hotel or other business. The other issue is payments on mobile devices. Where it is advised to encrypt information prior to using the device, and avoid "bring you own device policy'.
  •  
    This article introduces the Secure Payments Framework in Hotel Technology Next Generation (HTNG) Conference. The Framework applies mobile payment and cloud computing technology to reduce the cost and complexity of satisfying the Payment Card Industry Data Security Standards. The credit card security is a big challenge for all hotels, especially for the small hotels, lacking expertise and budget to protect customers' card information. There are many advantages of the new card framework. Firstly, the new Framework can encrypt the credit card information at the point-of-swipe. In this way, the card number can't be stolen by other systems. Secondly, it is scalable for different sizes of hotel. Thirdly, new guidance is made for accepting payments on mobile devices. Before processing payment, the merchant need encrypt cardholder, to make sure more security. What is more, new policy on cloud computing. The cloud service provider and its clients are both responsible for the security of cloud data. The policy also need merchants to evaluate competing cloud services and carefully pay procedures.
bhern082

Panama Residence Inn implements VingCard RFID locks | Hotel Management - 0 views

  • the hotel recognized the need to implement advanced security solutions in order to provide each guest with peace of mind throughout their
  • stay.
  • Hotel leadership opted to implement Elsafe Zenith safes and VingCard door locks
  • ...5 more annotations...
  • The presence of VingCard locks and Elsafe electronic safes throughout the hotel ensures that each area is fully secure while allowing those authorized to seamlessly gain access with minimal effort.
  • with mobile access-ready abilities so that guests and their belongings can be protected using the latest in encryption technology while future proofing operations to meet evolving guest needs.
  • With guests increasingly expecting the instant convenience of digital key functionality, Essence's mobile access-ready design further equips property leadership with the ability to provide the feature without the need for additional hardware or installation.
  • With Classic RFID, the property's staff-only locations can likewise benefit from the latest in encryption protocols to ensure that only those with authorization can gain access. 
  • With Classic RFID, the property's staff-only locations can likewise benefit from the latest in encryption protocols to ensure that only those with authorization can gain access
  •  
    This article refers to the Residence Inn Panama City implementing VingCard RFID locks in their suites and staff only areas. This technology helps improve the hotel and makes it easier to implement future technologies like apps that can be used as the room key. With Classic RFID, the property's staff-only locations can likewise benefit from the latest in encryption protocols to ensure that only those with authorization can gain access. This form of IT helps make this property more accessibly and up to date with technology.
agrie013

Cloud Storage Security: How Secure is Your Data in The Cloud? - 0 views

  • Hybrid Cloud: Many companies choose to keep high-volume files on the public cloud and sensitive data on a private cloud. This hybrid approach strikes a balance between affordability and customization.
  • Intrusion Detection: Online secure storage can serve many users at the same time. Successful cloud security systems rely on identifying when someone tries to break into the system. Multiple levels of detection ensure cloud vendors can even stop intruders who break past the network’s initial defenses.
  • Internal Firewalls: Not all accounts should have complete access to data stored in the cloud. Limiting secure cloud access through internal firewalls boosts security. This ensures that even a compromised account cannot gain full access.
  • ...5 more annotations...
  • Encryption: Encryption keeps data safe from unauthorized users. If an attacker steals an encrypted file, access is denied without finding a secret key. The data is worthless to anyone who does not have the key.
  • Authentication: Weak passwords are the most common enterprise security vulnerability. Many employees write their passwords down on paper. This defeats the purpose. Multi-factor authentication can solve this problem.
  • Breach Drills: Simulating data breaches can help employees identify and prevent phishing attacks. Users can also improve response times when real breaches occur. This establishes protocols for handling suspicious activity and gives feedback to users.Measurement: The results of data breach drills must inform future performance. Practice only makes perfect if analysts measure the results and find ways to improve upon them. Quantify the results of simulation drills and employee training to maximize the security of cloud storage.
  • Is the Cloud Secure and Private?Professional cloud storage comes with state-of-the-art security. Users must follow the vendor’s security guidelines. Negligent use can compromise even the best protection.
  • Redundancy makes cloud storage security platforms failure-proof. On-site data storage is far riskier. Large cloud vendors use economies of scale to guarantee user data is intact. These vendors measure hard drive failure and compensate for them through redundancy.Even without redundant files, only a small percentage of cloud vendor hard drives fail. These companies rely on storage for their entire income. These vendors take every precaution to ensure users’ data remains safe.
  •  
    This article goes into how secure is data that is stored in the cloud. There are three different types of cloud storage. one is public, two is private and three is hybrid. The article states that most companies go with hybrid because of its versatility. cloud storage does have built in security that includes intrusion detection, internal firewalls and file encryption. the article does list that there is security risk that come with cloud storage. week passwords are one of the main concerns when it comes to cloud security. Cloud companies do what's called breach drills to see if there are any weakness in the security and if there are how do they handle the situation if the system is compromised. this article does list the pros and cons of cloud services but in the end, it shows that the writer for this article is biased towards the use of cloud services.
  •  
    Breach drills sound like a great idea! It would be helpful in continually maximizing security efforts and determining weak points in the system, especially with technology advances and computer viruses becoming stronger.
Sophia Yam

Todd Seiders, NFC locks, Kaba Lodging, RFID locks, VingCard Elsafe | Hotel Management - 0 views

  • The newer locks don’t have the encryption code in each one; the code is issued at the front desk.”
  • These mechanical caps and security screws block physical access to the lock ports that hackers use to illegally break into hotel rooms. The mechanical solution remains free of charge to customers. Technical solutions vary depending on the age, model and deployment of locks at properties.” 
  • NFC-compatible door locks can streamline the check-in process by allowing guests to skip the front desk and use their smartphone as a room key, but standardizing the credential delivery between the phone and the lock remains a challenge, said Giovanni Iacovino, VP development of mobile solutions at Kaba Lodging.
  • ...1 more annotation...
  • They use very high-level security and encryption protocols to employ the delivery.”
  •  
    Following a robbery at a Houston hotel in which thieves exploited security flaws in Onity locks first revealed at the Black Hat conference in July, Hotel Management spoke with Todd Seiders, director of risk management at Petra Risk Solutions and former director of loss prevention at Marriott, for tips on how hoteliers can keep their rooms secure. An NFC-compatible lock, such as this Signature RFID by VingCard lock, can streamline the check-in process.
  •  
    Some of the major concern hotel such as Houston hotel are facing is robbery. A lot of the older locks in the hotel are so old that it may be easy to rob precious items from the guest rooms. NFC has a new lock where the newer lock does not have an encryption code, instead the guest will get a new code from the front desk. The new lock ensure that hackers can not easily hack into a guest rooms. In addition, the new NFC-compatible locks help guests skip the check in process at the front desk and instead use their mobile phone to open their guest room doors and check themselves into the hotel.
JIACHEN LI

Study: Hotel network security lacking - SC Magazine - 0 views

  • Most U.S hotels are vulnerable to malicious attacks and are "ill prepared" to protect their guests from internet security problems, claims a study published by Cornell University
  • hotels
  • having a robust set of firewalls that are managed and properly configured, splitting networks, and educating staff of the importance of security standards.
  • ...3 more annotations...
  • Ogle recommended that all hotels use Wi-Fi Protected Access (WPA) encryption,
  • For guests, Ogle recommended connecting to the internet using a Virtual Private Network (VPN)
  • ted anti-virus and firewall software and making sure each secured website starts with “https://” rather than “http://”. The danger of not securing a
  •  
    The Article attached to this link reports commun issues found in hotel internet networks. The author mentions a study conducted with 38 hotels. It resulted that 33 out of the 38 hotels had flaws in their network configuration and allowed the researcher to access unauthorized information via the internet. We all understand that reliable internet connectivity is a priority for guests and business travelers; however, security is a concern that can't be neglected. Another reason to be concerned is that so many softwares and applications are stored via internet. Adding a password is a simple measure that every business should consider. Network issues cold not only hinder guests but the hotel as well.
  • ...1 more comment...
  •  
    Nowadays, since many business travelers connect remotely to continue working while on the road, the potential for theft of corporate information exists. Some hotels still rely on relatively rudimentary hub technology for their networks, and these are particularly subject to hacking. Tested by Ogle, most hotels are lacking of security and responsibility for the safety when guest searching internet. Guests' information is easy for the hackers to steal, which means when we use the network in the hotel, we are almost peeped by other people we are unknown. Such a terrible thing! Hotel should increase its network's security, a hotel could potentially be considered at fault for not taking the necessary precautions to protect their guests from hackers. Based on this article, hotels can use Wi-Fi Protected Access (WPA) encryption, the password can provide kind of base wall to protect security. What is more, it is necessary that having a robust set of firewalls that are managed and properly configured, and educating staff of the importance of security standards.
  •  
    According to the research by Cornell University, most US hotels are vulnerable to hackers. There are two main reasons contribute to the issue. One is the flaws in many hotels' network topology, making it possible for customers to lose their privacy. The other is careless employees provide access information to help hackers' breach. Ogle thought that WPA encryption, VPN and training employees are good ways to solve the problems. I think that if the computer networks of hotel are weak, the guests' password, email message or other private information will not be protected, and they will even suffer loss. So it is important for a hotel to use different measures as Ogle recommended to ensure the safety of the computer network.
  •  
    this article is talking about the problem on the hotel network security. a author from the Cornell university said he tested wireless network at 38 hotels at the same time. he found that most hotels were easy to break into. moreover, as long as you use the Linux distribution BackTrack and a high-power wireless card and high-gain omnidirectional antenna, you can break into the hotel guest network and then get the password, email message and the website people are viewing. importantly, this procedure just cost 100$. this is full of loopholes. hotel manager should pay more attention on this problem. at the end of the article, the author recommend a security app called Wi-Fi Protected Access encryption. this app require the guest to enter the password if the guest wants to surf the internet.also, he recommend connecting to the internet using a Virtual Private Network (VPN), having updated anti-virus and firewall software and making sure each secured website starts with "https://" rather than "http://".
rebecca Bonet

Keeping hotel locks safe | Hotel Management - 1 views

  • Our Classic magstripe locks do not store critical security information within individual locks, such as master key information, and any service device must authenticate itself through diversified encryption methods to gain access to the lock software
  • VingCard Elsafe’s locks can also detect tampering and work to alert hotel security staff using the company’s VISIONLINE system. “[The VISIONLINE system] incudes alarms to alert the hotel front desk if someone attempts to tamper with a door lock as well as providing real time alerts to the hotel’s security staff when activity is detected that a card is being misused,”
  • Other alarms include detecting that a door is forced open, left open, or ‘mule tool’ intrusions when a door is opened from the inside handle without an occupant in the room.”
  • ...18 more annotations...
  • VingCard Elsafe provides comprehensive training on the technology for the hotel staff and encourages everyone who will have interaction with the locks to participate
    • TIANJIAN ZHANG
       
      Nowadays, locks security is an essential issue in hospitality industry. Actually, most hotels upgrate their locks systems with advanced technology. The role of technology in the security sector is fundamental, but despite the rapid technological progress, one thing has remained constant: the importance of trust. Whether hoteliers wising up to the fact that they've bought what could be called a flawed security system will be willing to trust the supplier of said equipment for a fix.
  • After installation, hotels must work to keep their staff trained and their system upgraded to keep pace with the latest security issues. 
  • As hotel locks become increasingly automated, preventing them from becoming vulnerable to security concerns has become a top priority for hoteliers.
  • As hotel locks become increasingly automated, preventing them from becoming vulnerable to security concerns has become a top priority for hoteliers.
  • When VingCard Elsafe moved the industry towards RFID technology, security was one key driver, and our primary focus was to add additional security to the RFID card to prevent cloning. To that end, VingCard Elsafe hotel locking systems do not work with cards that have no anti-cloning capability.”
  • As hotel locks become increasingly automated, preventing them from becoming vulnerable to security concerns has become a top priority for hoteliers
  • , preventing
  • As hotel locks become increasingly automated, preventing them from becoming vulnerable to security concerns has become a top priority for hoteliers
  • As hotel locks become increasingly automated, preventing them from becoming vulnerable to security
  • “  Our Classic magstripe locks do not store critical security information within individual locks, such as master key information, and any service device must authenticate itself through diversified encryption methods to gain access to the lock software ,” Shea said. “  When VingCard Elsafe moved the industry towards RFID technology, security was one key driver, and our primary focus was to add additional security to the RFID card to prevent cloning. To that end, VingCard Elsafe hotel locking systems do not work with cards that have no anti-cloning capability.”
  • VingCard Elsafe’s locks can also detect tampering and work to alert hotel security staff using the company’s VISIONLINE system. “[The VISIONLINE system] incudes alarms to alert the hotel front desk if someone attempts to tamper with a door lock as well as providing real time alerts to the hotel’s security staff
  • VingCard Elsafe’s locks can also detect tampering and work to alert hotel security staff using the company’s VISIONLINE system. “[The VISIONLINE system] incudes alarms to alert the hotel front desk if someone attempts to tamper with a door lock as well as providing real time alerts to the hotel’s security staff when activity is detected that a card is being misused,”
  • For instance, a ‘wandering intruder alert’ warns hotel security personnel when a card is presented to a number of different doors.  Other alarms include detecting that a door is forced open, left open, or ‘mule tool’ intrusions when a door is opened from the inside handle without an occupant in the room.”
  • After installation, hotels must work to keep their staff trained and their system upgraded to keep pace with the latest security issues.  
  • VingCard Elsafe provides comprehensive training on the technology for the hotel staff and encourages everyone who will have interaction with the locks to participate ,”
  • As with any hotel upgrade, hoteliers understand that renovation and upgrades are a regular part of running their business
  • Looking past RFID solutions for instance, VingCard Elsafe has made our RFID locks compatible with next generation technologies, like Near Field Communications (NFC), providing our customers with an easy upgrade path at reasonable cost.”  
  •  
    This article discusses the security issues with room keys. These hotel locks will not open with cards that are read as duplicates or duplicatable. The locking mechanism has been specifically designed to alert the front desk and secuirty departments in the event these locks are tampered with. I'm sure at one point or another we have all experimented with our room key and tried to open other doors. A system like this will prevent activity like that.
  • ...2 more comments...
  •  
    VingCard Elsafe, the global leader in hospitality security and part of the ASSA ABLOY Group, announces that it has phased out the use of brass metal plating and painting in the manufacture of its locking systems, opting instead to use a more eco-friendly process to color stainless steel. VingCard Elsafe has adopted a new method of metal coloration called physical vapor deposition, or PVD, an environmentally friendly process that involves vaporizing an alloy onto stainless steel within a heated vacuum. PVD requires no chemicals and produces no waste or hazardous materials of any kind, resulting in no environmental impact whatsoever. The PVD process has other added benefits, as well. PVD-treated surfaces have high wear resistance for discoloration, and the stainless steel adds enhanced anti-corrosion properties. Besides eliminating the negative environmental effects of the brass plating process, the move by VingCard Elsafe to simplify its lock manufacturing process has had other related green benefits. By doing away with the need for secondary surface treatments of the locks, new product components are now supplied directly from metal stamping to the point of use in the assembly line. This means less shipping and transportation is required for product manufacture, resulting in a diminished carbon footprint.
  •  
    VingCard Elsafe is a new kind of lock system, which contains RFID technology and is compatible with the Near Field Communications. It has several advantages compared to traditional magstripe locks. First of all, it can add security to the RFID card and prevent cloning, which is much safer than the traditional key card. Another is that it can detect tampering and know when and where staffs use the lock. It can send alert to the front desk. Moreover, the front desk can know when the door is forced open. However, before using the lock system, training program should be provided. So this new kind of lock system brings safety to the guests and to the hotels.
  •  
    This article talk about the issue that hotel are having with their security system lock for guest room. These cards are easy to duplicate. The new system will alert front desk or security if the lock has been tampered with. Other alarms include detecting that a door is forced open 'mule tool' instruction when a door is open from the inside handle without an occupant in the room.
  •  
    This article discusses the current state of hotel lock safety. Monitoring safety has changed as these locks become more automated. The article states that, "Hotel Management corresponded with Tim Shea, president of ASSA ABLOY Hospitality, for ways in which vendors are keeping hotel locks secure." Through VingCard Elsafe's locks, hotel security and safety has increased. VingCard says, "Our Classic magstripe locks do not store critical security information within individual locks, such as master key information, and any service device must authenticate itself through diversified encryption methods to gain access to the lock software." This is just one of the ways the locks increase security. The article also states that the system is cost-effective for hoteliers.
paige rosenberg

The Future of Hotel Security - AOL Travel News - 1 views

  • Technology is opening new doors to hotel safety
  • Yet more card-free security systems are on the way
  • eventually new security measures will become such a part of our everyday lives that they will become the norm.
  • ...12 more annotations...
  • Systems that track the other qualities that make each human unique are in development as well.
  • here are some systems being explored that can allegedly sniff someone, and also systems that can recognize the pattern of blood veins on a human being which are apparently unique to the individual,
  • new thing is contact-less Smartcards and RFID (Radio Frequency Identification) cards that need just be waved to allow room access.
  • Kimpton's 190-room Nine Zero Hotel in Boston was the first hotel to install a biometric iris scanner back in 2004
  • we navigate hotels is set to change in the blink of an eye. Or the swipe of a cellphone. Or the print of a finger. With futuristic systems like scent and iris scanners and digital facial-recognition, hotel security is being taken to the next level. #plain_module { width: 590px; height:170px; border: none; float:left; margin:0px; font-size:12px;} #plain_module img {border:none; width: 13px; height:14; border: 0px; margin:0px; } #plain_module .mini_main { margin: 0px; padding:0px; width:585px; height:220px; repeat scroll 0 0} #plain_module .mini_item_header {padding:10px 0px; margin: 0px 0px; font-size:16px; color: #555555; border-bottom:1px dotted #CCCCCC;} #plain_module .mini_item {padding:5px 0px; margin: 0px 0px;} #plain_module a { color: #49A3CA; text-decoration:none; } #plain_module a:hover { color: #F98419; text-decoration:underline;} span.gray {color:#949494;} .mini_main li{list-style-type: none;background-image: url(http://www.aolcdn.com/travel/bullet);background-repeat: no-repeat;background-position: 0 1px;padding-left: 10px;}
  • Those plastic key cards that once seemed so innovative will soon go the way of the actual key
  • "In addition to Radio Frequency Identification, there are also systems that use a smartphone, such as an iPhone,"
  • When a guest checks into a hotel and provides their phone number, they get an encrypted sound code via text message
  • Many industry watchers are keeping an eye on Houston's largest hotel, the vast 1,200-room Hilton Americas–Houston. The hotel has a facial recognition system that can identify and track guests, employees, and even suitcases
  • 1,200 rooms worth of luggage in transit, the system makes it a lot easier to find lost or misdirected bags.
  • Returning guests will be recognized and greeted by nam
  • "Hospitality all over the world has become more aware of past vulnerabilities that they might have had and have closed these holes by more in-depth training and awareness of guests and staff," he says. "In today's society, all travelers are becoming interdependent on each other for safety and security."
  •  
    This article talks about the future trend of the hospitality security, which is technology is opening new doors to hotel safety.  The author introduces some different technologies such as Contact-less Smartcards and RFID that hotels like New York's Plaza Hotel are currently using. Finger print or cellphone wipe technology is also used instead of card, which should be more safe. Some hotels even use video-capture systems to make sure the security is perfect. After introducing these technologies, the author also talks about the privacy issues. Because some customers are not willing to be on cameras. However, though some of them are concerning about this issue, an expert predicts that new security measures will eventually become such a part of everyone's everyday lives that he or she will become the norm. All in all, this article gives us the trend that more and more technologies will be used for hotel security in the future.
  • ...7 more comments...
  •  
    I think PR representatives should address the privacy controversy surrounding radio frequency identification technology with a safety campaign. This may help consumers realize that they are not in the privacy of their own home when they are in the hallways of hotels and cruise ships and the cameras/tracking could help protect them. As long as the data collected is not misused these technologies will continue to be present in these locations.
  •  
    It's pretty important for the hospitality industry to present these new technologies as wonderful security measures. People could be put off by knowing they have to swipe their finger to get into a bathroom. The success of these technologies depends on effective marketing and proven security measures that ensure collected information about a traveller will not be used in unethical ways.
  •  
    Interesting article it is. Security is always the big issue for hospitality. I would like to stay in a hotel that is using finger print as the key card of the hotel because i believe that is much safer than cards that anybody can access my room by using the card.
  •  
    In this article all of the new trends for hotel security are described and examples of where they are being implemented are given. Thanks to technological innovations hotel safety is heading into a whole different level. Now key cards are being change to more sophisticated ones that need just to be waved to open a room door. In the near future it is expected for these cards to be used as a payment method and to check-in and check-out. In the U.S biometrics technology is starting to be used by a small number of properties not only for guests to access their rooms but for employees. Facial recognition systems with the ability of tracking guests and employees are also being implemented. This system helps to improves customer service as it helps to really understand guest's preferences, as enormous amount of information can be extracted as they are constantly being monitored. Other technologies are also being developed. The most amazing ones are the systems that track other unique human characteristics as the way a person walks or it's DNA.
  •  
    The technology of hotel changes very fast, such as swipe of a cellphone or print of a finger, or the contact cards that need just be waved to allow room access. It is like the cruise world's one card system, these cards may soon make hotel stays easier by allowing guests to pay for services, as well as to check- in and check-out, through a single device. If customers lost their cards on cruise, the radio frequency identification and smartphone will provide customers their code via text message, so they can play back the code to unlock your room door. But more card free security systems are on the way. If you want to get into your room at New York's SoHo Loft , you are going to have to lift a finger. The Nine Zero Hotel in Boston us the technology to make the property safer all round ,that means non-staff members and intruders can not access the property. Systems that track the other qualities that make each human unique in development as well. The Houston's largest hotel has a facial recognition system that can identify and track guests and an annual $16 million payroll ,the system offers benefits such as employee time theft monitoring and prevention for the hotel. But with 1200 rooms worth of luggage in transit the system makes it a lot easier to find lost or misdirected bags The Wolfe feels that in addition to the biometrics and high-tech methods currently being deployed ,one of the greatest security measures of late is actually low tech.
  •  
    The full name of RFID is radio-frequency identification. RFID is the use of a wireless non-contact system that uses radio-frequency electromagnetic fields to transfer data from a tag attached to an object, for the purposes of automatic identification and tracking. Some tags require no battery and are powered by the electromagnetic fields used to read them. Others use a local power source and emit radio waves (electromagnetic radiation at radio frequencies). The tag contains electronically stored information which can be read from up to several metres (yards) away. Now RFID in hospitality industry as a tool is used for improving service quality, customer satisfaction, market share, and profitability. As the new technology apply into hotel security, the hotels change their ways in the blink of an eye, or the swipe of a cell phone, or the print of a finger. With futuristic systems like scent and iris scanners and digital facial-recognition, hotel security is being taken to the high level and some of the luxury hotels begin to use RFID system. Usually customers will worry about lose the card of hotel. Then they can not open the door and even need to pay extra money to buy a new card. But now security systems in some hotels do away with cards altogether. Because of RFID system, customers can use the iPhone connect with the system. When a guest checks into a hotel and provides their phone number, they get an encrypted sound code via text message. Guests can play back the code to unlock your room door.
  •  
    i think there are some factors to consider. Customer Service - Many opportunities for "great" customer service are lost if guest and employee interaction is diminished. In many cases, the front desk staff give the first impression that a guest experiences. This first "experience" can be crucial for referring the guest to other property amenities, i.e. spa, restaurants, lounge, pool, attractions, etc. Often, the front desk staff are acting as the concierge and resolvers of guest issues.
  •  
    this article talks about new technology that is being implemented throughout out US and the world. Old key cards are now going to be replaced with even older standard keys or the radio frequency identification card that can be waived in front of the door to gain access. Also, there is a technology that will sent an encrypted sound text to guest;s cell phone, which when played back will open the door.  It talks about technology that tracks all employees, guests and their luggage.  There are several concerned that travelers have about their privacy, but article stated that it all depends on the type of the traveler.  Also, the face recognition technology used in Houston's largest hotel remembers guests names and when they return, guests are greeted by name.  Article concludes that even with all this technology, the best security is provided through interdependence of travelers and employees.  
  •  
    Technology in the hotel travel and tourism industry will be changing drastically in the near future, from the swipe of a cell phone, print of a finger, facial recognition, iris scanners, security is going to be taken to the next level. the plastic key cards will soon no longer exist. Radio frequency I'd cards are the new thing, where guest will use this for preferences for everything, from charging things to your room, preference of floor type to pillow choice, chick in and out etc. systems that track the other qualities of a person instead of using a key or card are in development as well. There are research going on how to open the door and. Lose wi just the persons walk and movements. Some people think these new security technologies are awesome, while some think they are not, people dont want to be watched 24/7while on vacation they just want to enjoy there stay. But in today's society all travelers are becoming interdependent on each other for safety and security.
Kai Zhang

Hotel Network Security: A Study of Computer Networks in U.S. Hotels - Cornell School of... - 3 views

  • Since many business travelers connect remotely to continue working while on the road, the potential for theft of corporate information exists.
  • not prevent malicious users from intercepting guests’ transmission
  • virtual local area networks (VLANs)
  • ...3 more annotations...
  • hotel could potentially be considered at fault for not taking the necessary precautions to protect their guests from hackers.
  • The VLAN inhibits attackers from using their computer to imitate the hotel’s main server, which is the mechanism most would use to intercept other people’s data
  • Given that the technology exists to increase a hotel network’s security, a hotel could potentially be considered at fault for not taking the necessary precautions to protect their guests from hackers.
    • TIANJIAN ZHANG
       
      The security of guests' connections to the hotels' network seems to be an essential issue in hospitality industry, especially in those commercial hotels. Based on the leaks of the network technology in the hotels, some companies may hire hackers to steal or snoop the secret data of other companies for achieving some business goals during the business people from the victimized companies staying in the hotels. Therefore, if hotels can not make sure their network system can prevent malicious users from intercepting guests' transmissions, they must admit their weaknesses of network technology and warm guests to be cautious when they access the network system of the hotels if they need to view some secret data. Anyway, hotels should keep taking the necessary precautions to protect their guests from malicious users.
  •  
    From what I research from the article, VLAN as a local area network itself actually is quite secure cause the fake IP address means a private one.  And it is already encrypted. But the hackers had imitate the hotel's main server. As for the technology developing, it seems like the more secure the system make, the smarter the hacker would be. 
  •  
    This article introduced how hotels improve their network to enhance security. To reduce the potential for stealing by theft and hacker, the W Dallas Hotel set up virtual local area networks. Compared with relatively rundimentary hub technology and encryption for Wi-Fi, the biggest advantage of this VLANs is to inhibit attackers from using computer to imitate the hotel'smain server. I think increaing a hotel network's security is very necessary, still, people should pay more attention to this and improve the techonology to make sure the security of all aspects.
Shiyuan Peng

Secure iPad POS for Restaurants - 0 views

  • Secure iPad POS for Restaurants
  • Revel Systems
  • has joined forces with Network Intercept to create a new, leading-edge iPad POS system.
  • ...2 more annotations...
  • one of the most secure restaurant POS providers on the market.
  • uses verification and encrypts all data and payment information from end to end.
  •  
    Revel Systems has joined forces with Network Intercept to create a new iPad POS system. It will make Revel Systems one of the most secure restaurant POS providers on the market. Because keeping the customers' credit card information safe is the top priority of Revel Systems, they have a passion to create the software which can provide the highest level of protection by using verification and encrypting all data and payment information from end to end.
Le Chai

Technology Used in Hospitality Security | SDA Security - 1 views

  • Smart cards and RFID (which stands for radio frequency identification) are contactless keys and work by actually sending small radio frequencies to receiving sensors
  • A guest can opt for fast check-in, wherein he gives the hotel his phone number and downloads an app.
  • the smartphone.
  • ...3 more annotations...
  • biometrics involves granting access and identifying a person by his physical traits, a thumbprint or iris scan, for instance.
  • ing a person by his physical traits, a thumbprint or iris scan, for instance.
  • With the face recognition capabilities, a hotel, casino, or restaurant can keep track of suspicious customers—or slacking employees—to make sure they don’t cause any trouble.
  •  
    Security is obviously very important in hospitality and technological advancements are helping to make hotel stays easier and more secure. The hotel industry is exploring options to that replaces the standard plastic keycards with new entry methods. One example is using smartcards or RFIDs, which stands for radio frequency identification. Smartcards and RFIDs work like a fast-pass at a gas station when quickly paying at the pump. The guest simply waves the card/key in front of a sensor granting entry. The guest doesn't have to worry about the card being deactivated by his or her cell phone and the hotel doesn't have to constantly spend on replacements. Another example is technology that allows us to enter our hotel rooms using our using our phones. Guests would download an app, receive a text message with an encrypted sound code and play it by the door to be granted entry. Using biometrics for entry is likely the ultimate level of technological security. Like in the movies, guests would have their physical attributes scanned including eyes, and/or thumbprint to identify a guest. Video cameras will always be a great form of security. Now that they're getting smaller and more vivid, surveillance makes the phrase "Big Brother is watching" all the more relevant by being a huge crime and incident deterrent. Technology is advancing rapidly and I can see some of these methods hitting mass markets sooner than we think.
  •  
    This article talks about the new technologies applied in the hotel to keep safety. The first one is Smart cards/RFID that helps to open the door via sensor receiving. The next one is smartphone, personal belongings that help to open the door with encrypted sound code. Biometrics also can help by identifying personal physical traits. For hotels, security cameras is necessity. 
anonymous

Cybersecurity Tactics for a Hotel Industry that's Under Siege - 0 views

  • Credit card fraud and identity theft should remain high on the hotel and lodging industry’s radar. Just ask Starwood Hotels & Resorts Worldwide (including their Westin, Sheraton and W Hotel brands), Hilton, Hyatt and the Trump Hotel Collection, all of which were victims of highly publicized, major breaches in the hospitality industry last year. 
  • Hotels need a ‘toolbelt’ of various security technologies that can be used to prevent malicious attacks. A managed firewall is essential, blocking dangerous traffic from coming onto the network and preventing sensitive data from being exfiltrated, or sent, to the hackers.
  • In the breaches mentioned above, point-of-sale (POS) systems were attacked and malware launched to acquire cardholder names, credit card numbers and expiration dates.
  • ...7 more annotations...
  • It can be difficult and expensive to hire and retain an IT security team
  • One way to implement these advanced toolsets includes outsourcing to a managed security firm specializing in this type of service
  • POS systems are a weak security point for many networks because they are constantly in use — and aren’t always patched, updated or protected from vulnerabilities as frequently as required.
  • personal details for hotel guests are frequently stored in a variety of locations, including billing, facilities, restaurants, etc.
  • otels are made even more vulnerable thanks to POS system provider breaches
  •   Phishing remains a particularly popular tactic used by hackers everywhere, including those that are targeting the hotel industry to trick both prospective guests, who give up credit card and personal details, and insiders, who then give up valuable login credentials.
  • File Integrity Monitoring (FIM), Unified Threat Management (UTM), and Security Information and Event Management (SIEM) should also be considered
  •  
    This article talks about how there is a serious concern in the hotel industry when it comes to credit card and identity theft. They talk about how all the major brands in the hotel industry were all victims of highly publicized, major breaches in the last year alone. Also, including airline and banks, hotels maintain a wealthy amount of database of personal and financial data. For example, with new technology systems being created, POS systems are a weak security point for many networks because they are constantly in use and are not always updated or even protected from vulnerabilities. The article talks about personal details for hotel guests are frequently stored in a variety of locations including restaurants, facilities, and government buildings, so hackers have a greater possibility to access your personal information. The bigger hotels are in more danger because of the volume of guests that come in and out of the location. Smaller hotels should be concerned not just about their security but also by ransomware, an increasingly favorable tactic to extort hoteliers by hackers who encrypt the hotels data making it inaccessible until ransom is paid for. I believe hotels need a toolbelt of various securtiy technologies that can be used to prevent future malicious attacks. I think by managing and implementing a firewall is essential which helps get rid of dangerous traffic from coming onto the network and preventing sensitive data from being hacked.
  • ...1 more comment...
  •  
    This article talks about the weakness and vulnerability of POS systems involving safety. It mentions the security breach that few companies, such as Starwood Hotels & Resorts Worldwide (including their Westin, Sheraton and W Hotel brands), Hilton, Hyatt and the Trump Hotel, faced last year (2016) involving credit card fraud and identity theft through their POS systems. It mentions how point-of-sale (POS) systems are not complete safe and how vulnerable they are because they are constantly in use and aren't always patched, updated, or protected from vulnerabilities as frequently as required. It suggests that enterprises should outsource their cyber security management to minimize costs, considering that is extremely expensive to hire and retain IT security team.
  •  
    MOD 10: This article discusses the main tactics of cyber hackers that target hotels. Point of sale (POS) systems are easy targets for hackers due to their constant use during operation hours and because of that their security measures aren't always up to date. Hotels have large data banks since they're storing consumer profile information such as home addresses, phone numbers and credit card numbers. There's a large risk when it comes to security breaches within franchises because they have access to their parent company's regional, national and global systems. If their systems are hacked and breached, then that puts the whole system of the brand at risk. Security breaches within a system can also damage a brands reputation with the public. According to the article, "Recent major breaches at Fortune 500 companies and household names across the retail, restaurant and hotel sectors demonstrate that anti-virus, anti-malware and firewalls alone are not enough to secure businesses from the ever-evolving threat landscape." Smaller properties are even at a greater risk because not only do they have to monitor their compliance with PCI but also monitoring their security systems for their database and PMS system. Some of the recommended software's that should be used by hotels looking to be proactive with their company's cyber security is File Integrity Monitoring(FIM), Unified Threat Management(UTM), and Security Information and Event Management(SIEM).
  •  
    This article explores the different tactics hotels should use after a cyber attack. The article mentions several different type of attacks such as Phishing when hackers trick customers into giving up their login credentials. Ransomware, when hackers encrypt data making it unusable and inaccessible for the hotel. Not one solution but rather companies should be equipped with a series of technologies from firewalls to file monitoring programs. Some of these technologies, like SIEM requires an intelligent IT team to have the capabilities of analyzing and monitoring the reports produced. This may be more difficult for smaller businesses to implement and maintain.
irinatroitskaya

HNN - Hoteliers take measured approach to Hotspot 2.0 upgrade - 2 views

  • It’s likely the entire hotel industry will upgrade to the new Wi-Fi standard with seamless transfers from mobile networks and better encryption, but the cost of installation and guests’ lack of awareness of Hotspot 2.0 is tempering the pace of adoption.
  • The hardware on-site can’t accept that process right now
  • Moving to the new Wi-Fi standard will be a challenge for properties,
  • ...2 more annotations...
  • and it costs about $125 to $150 a room to update properties to the new ratio, averaging about $40,000 to $65,000 per hotel.
  • Connectivity has become a greater deciding factor for guests
  •  
    This article tells about the perspectives of Hotspot 2.0, the new standard for public WiFi, in the hotel industry. The WiFi Alliance has been working on designing this new standard which is supposed to be much friendlier to the users while making Wi-Fi usage more akin to cellular. It allows automatic WiFi network detection and eliminates the public Wi-Fi log-ins, providing automatic access to secure Wi-Fi networks using a Passpoint profile stored on a device. For hotel guests, this means they would be able to go from using their mobile devices on their personal mobile networks to the hotel's Wi-Fi without having to re-enter their authentication credentials every time. This feature, in my point of view, would be very useful, especially for the business travelers who value every second of their time. Another major benefit of Hotspot 2.0 is improved security by means of enterprise-grade WPA2 encryption, which makes it safer than open public networks. This also will be appreciated by the travelers who often use hotel's WiFi networks for booking different travel services and insert security sensitive data. However, the cost of implementation of this new standard in the hotels is rather high. Thus, hoteliers do not wish to force its realization until they are sure that there is demand from the customers. The polls show that the guests are still unaware of the benefits of Hotspot 2.0 and don't consider it as a key point while choosing a hotel. Yet some hotels try to be before the competition and become early adopters of this technology. They believe that quality of internet connection, as well as additional options, will be a differentiating point for hotels in the future. However, in my opinion, it would be wise to conduct appropriate research and wait until this technology will be close to becoming the industry standard before making significant investments. There is always a chance that the trend will go another way.
anonymous

11 Tips to Improve Your Restaurant's Cyber Security in the COVID-19 Era | FSR magazine - 0 views

  • wealth of client data on tap from places with lax security
  • unknowingly serve credit card data to hackers. Due to the volume of credit card transactions and CRM data available, restaurants need to take cybersecurity seriously before a criminal gets wind of the vulnerability
  • A hacker only needs to gain access to a restaurant's POS system and install malware to steal customer credit card details.
  • ...20 more annotations...
  • Take Chipotle, for example. The company got devalued by about $400 million after they suffered a data breach.
    • anonymous
       
      Major consequences for restaurants if discovered as the link
  • because most go belly up six months after an attack.
  • Unprotected WiFi
  • Criminals pretend to be from the U.S. government and inform targets their COVID-19 stimulus check is ready, but they would need to verify the details of the recipient first before they can send it.
    • anonymous
       
      Low level scammer
  • CRM software data, which may include names, addresses, and even birthdays. One of the most common ways to achieve this sort of attack is via malware (malicious software). Hackers find a vulnerable backdoor to a restaurant's network to install malware on the POS system. Malicious code then records every transaction and every detail, sending it back to the criminal's server over the internet.
  • GrubHub drivers scam both the restaurants and the customers by marking the deliveries as complete and pocketing the tip money, without bothering even to pick up the order from the establishment.
    • anonymous
       
      AHHHH
  • Businesses are scrambling to find suppliers amidst the chaos, and criminals have been taking advantage of the confusion
  • Scammers are posing as representatives from the World Health Organization (WHO), the Center for Disease Control (CDC), and other public health agencies
  • social engineering on the restaurant staff to pull off phishing attacks.
  • PCI compliant.
  • conduct a risk analysis
  • hiring a security expert either full time or as a consultan
  • Secure your network and always change the free WiFi access point's password with a strong one every day.
  • latest operating system updates
  • Force multi-factor authentication
  • strong passwords
  • Ensure sensitive data encryption
  • web-filter to secure your WiFi network
  • Install a robust security software program on all computers and devices to block, detect, and clean malware.
  • Conduct regular cybersecurity training
  •  
    Restaurants have always been an easy target for cyber security hackers, in particular, hackers who are looking for credit card and ID information. Restaurants provide hackers with a "wealth of client data" due to the high "volume of credit card transactions and CRM data available." Once given access, a hacker could simple install malware and duplicate all customer information. Already facing critical financial issues during Covid 19, restaurants large and small need to take a stronger presence in the protection of their data. If discovered to be the start of a breach, customers will tend to avoid that business. "Chipotle, for example...got devalued by about $400 million after they suffered a breach," and many small restaurants "go belly up six months after an attack." Below is a summary of the types of attachs restaurants face: 1. Unprotected Wifi 2. Social engineering and phishing attacks. This is actually the one that stood out to me the most because of how sophisticated these attacks can be. It is a reminder that we are all at risk, both the technologically challenged and gifted. 3. Malware 4. Covid 19 Scams 5. Grub hub scams 6. Supply chain scams *A particular issue for restaurants and commercial businesses right now as companies scramble to find new vendors who can supply them with the products they require. 7. Public Health scams 8. Government Stimulus scams 9. Technical support scams How can we fight against these? Here are the recommendations: 1. PCI compliance 2. Hire and IT security professional to conduct a risk analysis and if possible, keep on as a consultant or full time 3. Keep a secure network and change free passwords daily 4. Use the latest operating systems, force multi-factor authentication, strong passwords, and use encryption services for data storage and transfers 5. Install and use robust web-filters and security software programs 6. Maybe most important!!! Train your employees. 5.
armanyleblanc767

Data Security in Hospitality: Risks and Best Practices - 0 views

  • Best practices for companies in the hospitality sector to protect data include:
  • Always encrypt payment card information. Operate a continuous training program in cybersecurity to maintain a well-trained workforce. Always adhere to relevant regulations, such as PCI DSS. Use cybersecurity measures such as firewalls, network monitoring, anti-malware, and traffic filtering to protect against common threats. Conduct tests against your organization’s cybersecurity defenses in which you mirror the behavior of an actual hacker. Know where your data is and enforce the principle of least privileges to limit access to sensitive information.
  • From the perspective of cybercriminals, hospitality appears to offer an ideal target vector for conducting crimes such as identity theft and credit card fraud due to the existence of multiple databases and devices containing both Payment Card Information (PCI) and Personally Identifiable Information (PII).
  • ...23 more annotations...
  • five of the biggest data security concerns in the hospitality industry and highlights some best practices for protecting hospitality data.
  • Data Security Concerns in Hospitality
  • complex ownership structures
  • groups may use different computer systems to store information, and the information can also frequently move across those systems.
  • Reliance on Paying By Card
  • t was reported in 2017 that out of 21 of the most high-profile hotel company data breaches that have occurred since 2010, 20 of them were a result of malware affecting POS systems.
  • can go unnoticed for months.
  • High Staff Turnover
  • In the U.K., for example, the job turnover rate in hospitality is as high as 90 percent.
  • challenge to maintain teams of well-trained staff.
  • Compliance
  • Insider Threats
  • t involves employees selling data to third parties without the knowledge of the organization that employs them.
  • Hotels, motels, resorts, and rented apartment complexes all gather and electronically store a range of sensitive personal guest data, such as names, phone numbers, addresses, and credit card details.
  • A case in point was the Wyndham Worldwide breaches of 2008 and 2010. Hackers gained access to the systems of an individual operating company through easily guessed passwords, and the attack easily proliferated through the entire corporate network, with the result that 619,000 customers had their information compromised.
  • Each of these groups may use different computer systems to store information, and the information can also frequently move across those systems.
  • ospitality appears to offer an ideal target vector for conducting crimes such as identity theft and credit card fraud due to the existence of multiple databases and devices containing both Payment Card Information (PCI) and Personally Identifiable Information (PII).
  • ybercriminals use this reliance on cards to infect point-of-sale (POS) systems with malware that steals credit and debit card information by scraping the data
  • The high level of turnover and high degree of staff movement between different locations makes it a real challenge to maintain teams of well-trained staff
  • While GDPR protects individual data within the EU and EEA, its ramifications have rippled through industries globally, and organizations are realizing the need to put greater compliance measures in place. PCI DSS is another important global regulation that protects credit card data, and fines for non-compliance begin at $500,000 per incident. The risk here is not just to data security but to the future survivability of hospitality companies, many of which would not be able to absorb the s
  • This type of data risk is more subtle and it involves employees selling data to third parties without the knowledge of the organization that employs them
  • Always encrypt payment ca
  • rd information. Operate a continuous training program in cybersecurity to maintain a well-trained workforce. Always adhere to relevant regulations, such as PCI DSS. Use cybersecurity measures such as firewalls, network monitoring, anti-malware, and traffic filtering to protect against common threats. Conduct tests against your organization’s cybersecurity defenses in which you mirror the behavior of an actual hacker. Know where your data is and enforce the principle of least privileges to limit access to sensitive information.
  •  
    This article highlights several important security issues in the hospitality industry, followed by the practice of protecting data from loss. The data structure of the hotel industry is complex, customers mainly use bank cards to pay, and the staff turnover rate is high. There are certain internal threats. In order to solve these problems and avoid data loss, it is not enough to strengthen network security. It is also important that employees are trained and familiar with and comply with relevant regulations.
  • ...3 more comments...
  •  
    Data security is a major issue in the hospitality industry. A lot of personal information is stored on the computers specifically credit card information of the guests staying at the hotel. It is the responsibility of the hotel to ensure that the data is protected. High turnover rate in the industry can make this an even bigger challenge. Ensuring that your staff is properly trained to ensure the highest level of security is maintained is highly important.
  •  
    This article speaks about the data security concerns in hospitality. Restaurants, hotels, and other companies in the hospitality sector often have complex ownership structures in which there's a franchisor and a management company that acts as the operator. Businesses use different computer systems to store information. The nature of the hospitality industry is such that it is extremely reliant on cards as a form of payment. Cybercriminals use this reliance on cards to infect point-of-sale (POS) systems with malware that steals credit and debit card information by scraping the data. A vital part of protecting data is training staff to securely gather and store personal information. Well-trained staff also know how to recognize social engineering attempts and they understand an organization's compliance requirements. Data security risks in the hospitality industry extend far beyond the reputation hit that a hotel can take if guests' data is compromised. Industry and political regulators are becoming stricter in governing how organizations process and store personal data. Some of the best practices for companies in the hospitality industry to use are: always encrypt payment card info, operate training programs in cybersecurity regularly to keep everyone informed, adhere to regulations, know where the data is, and enforce limit access to sensitive info, and more.
  •  
    This article explains how data security is at an all time high in the hospitality industry. Focuses on the 5 security concerns and what are some practices that leadership can help employees detect when someone is trying to hack into sensitive information. Also, making sure employees are in compliance with company policy when leaving the company if they have access to sensitive data and making sure employees are not using to their advantage when leaving the company.
  •  
    Hospitality offers an ideal target vector for conducting Cyber crimes such as identity theft and credit card fraud due to the existence of multiple databases and devices containing both Payment Card Information (PCI) and Personally Identifiable Information (PII). Restaurants, hotels, and other companies in the hospitality sector often have complex ownership structures with an individual owner or group of owners, and a management company that acts as the operator. Each of these groups may use different computer systems to store information, and the information can also frequently move across those systems.
  •  
    In this article, we learn about the top five data security risks as well as best practices to help prevent data breaches. According to the article, the hospitality industry is a prime target since it stores a vast amount of sensitive guest information like names, phone numbers, addresses, and credit card numbers. Some of the five risks included complex ownership structures, reliance on paying by card, and insider threats to name a few. In order to avoid these threats, the article suggest that companies become PCI compliant, use cybersecurity measures like firewalls, and know where exactly their data is stored.
1 - 20 of 111 Next › Last »
Showing 20 items per page