Skip to main content

Home/ Hospitality Technology/ Group items matching "bank" in title, tags, annotations or url

Group items matching
in title, tags, annotations or url

Sort By: Relevance | Date Filter: All | Bookmarks | Topics Simple Middle
armanyleblanc767

Data Security in Hospitality: Risks and Best Practices - 0 views

hospitalityinsights.ehl.edu/-in-hospitality-best-practices

technology hospitality hotel software business tech

shared by armanyleblanc767 on 14 Mar 20 - No Cached
  • Best practices for companies in the hospitality sector to protect data include:
  • Always encrypt payment card information. Operate a continuous training program in cybersecurity to maintain a well-trained workforce. Always adhere to relevant regulations, such as PCI DSS. Use cybersecurity measures such as firewalls, network monitoring, anti-malware, and traffic filtering to protect against common threats. Conduct tests against your organization’s cybersecurity defenses in which you mirror the behavior of an actual hacker. Know where your data is and enforce the principle of least privileges to limit access to sensitive information.
  • groups may use different computer systems to store information, and the information can also frequently move across those systems.
  • ...23 more annotations...
  • five of the biggest data security concerns in the hospitality industry and highlights some best practices for protecting hospitality data.
  • Data Security Concerns in Hospitality
  • complex ownership structures
  • From the perspective of cybercriminals, hospitality appears to offer an ideal target vector for conducting crimes such as identity theft and credit card fraud due to the existence of multiple databases and devices containing both Payment Card Information (PCI) and Personally Identifiable Information (PII).
  • challenge to maintain teams of well-trained staff.
  • t was reported in 2017 that out of 21 of the most high-profile hotel company data breaches that have occurred since 2010, 20 of them were a result of malware affecting POS systems.
  • can go unnoticed for months.
  • High Staff Turnover
  • In the U.K., for example, the job turnover rate in hospitality is as high as 90 percent.
  • Reliance on Paying By Card
  • t involves employees selling data to third parties without the knowledge of the organization that employs them.
  • Insider Threats
  • Compliance
  • Hotels, motels, resorts, and rented apartment complexes all gather and electronically store a range of sensitive personal guest data, such as names, phone numbers, addresses, and credit card details.
  • The high level of turnover and high degree of staff movement between different locations makes it a real challenge to maintain teams of well-trained staff
  • Each of these groups may use different computer systems to store information, and the information can also frequently move across those systems.
  • ospitality appears to offer an ideal target vector for conducting crimes such as identity theft and credit card fraud due to the existence of multiple databases and devices containing both Payment Card Information (PCI) and Personally Identifiable Information (PII).
  • ybercriminals use this reliance on cards to infect point-of-sale (POS) systems with malware that steals credit and debit card information by scraping the data
  • A case in point was the Wyndham Worldwide breaches of 2008 and 2010. Hackers gained access to the systems of an individual operating company through easily guessed passwords, and the attack easily proliferated through the entire corporate network, with the result that 619,000 customers had their information compromised.
  • While GDPR protects individual data within the EU and EEA, its ramifications have rippled through industries globally, and organizations are realizing the need to put greater compliance measures in place. PCI DSS is another important global regulation that protects credit card data, and fines for non-compliance begin at $500,000 per incident. The risk here is not just to data security but to the future survivability of hospitality companies, many of which would not be able to absorb the s
  • This type of data risk is more subtle and it involves employees selling data to third parties without the knowledge of the organization that employs them
  • Always encrypt payment ca
  • rd information. Operate a continuous training program in cybersecurity to maintain a well-trained workforce. Always adhere to relevant regulations, such as PCI DSS. Use cybersecurity measures such as firewalls, network monitoring, anti-malware, and traffic filtering to protect against common threats. Conduct tests against your organization’s cybersecurity defenses in which you mirror the behavior of an actual hacker. Know where your data is and enforce the principle of least privileges to limit access to sensitive information.
  • duyingli on 14 Mar 20
     
    This article highlights several important security issues in the hospitality industry, followed by the practice of protecting data from loss. The data structure of the hotel industry is complex, customers mainly use bank cards to pay, and the staff turnover rate is high. There are certain internal threats. In order to solve these problems and avoid data loss, it is not enough to strengthen network security. It is also important that employees are trained and familiar with and comply with relevant regulations.
  • ...3 more comments...
  • cdamo003 on 23 Feb 22
     
    Data security is a major issue in the hospitality industry. A lot of personal information is stored on the computers specifically credit card information of the guests staying at the hotel. It is the responsibility of the hotel to ensure that the data is protected. High turnover rate in the industry can make this an even bigger challenge. Ensuring that your staff is properly trained to ensure the highest level of security is maintained is highly important.
  • Danaisy Abascal-Yero on 17 Jun 22
     
    This article speaks about the data security concerns in hospitality. Restaurants, hotels, and other companies in the hospitality sector often have complex ownership structures in which there's a franchisor and a management company that acts as the operator. Businesses use different computer systems to store information. The nature of the hospitality industry is such that it is extremely reliant on cards as a form of payment. Cybercriminals use this reliance on cards to infect point-of-sale (POS) systems with malware that steals credit and debit card information by scraping the data. A vital part of protecting data is training staff to securely gather and store personal information. Well-trained staff also know how to recognize social engineering attempts and they understand an organization's compliance requirements. Data security risks in the hospitality industry extend far beyond the reputation hit that a hotel can take if guests' data is compromised. Industry and political regulators are becoming stricter in governing how organizations process and store personal data. Some of the best practices for companies in the hospitality industry to use are: always encrypt payment card info, operate training programs in cybersecurity regularly to keep everyone informed, adhere to regulations, know where the data is, and enforce limit access to sensitive info, and more.
  • slain006 on 03 Oct 22
     
    This article explains how data security is at an all time high in the hospitality industry. Focuses on the 5 security concerns and what are some practices that leadership can help employees detect when someone is trying to hack into sensitive information. Also, making sure employees are in compliance with company policy when leaving the company if they have access to sensitive data and making sure employees are not using to their advantage when leaving the company.
  • kspac001 on 04 Oct 22
     
    Hospitality offers an ideal target vector for conducting Cyber crimes such as identity theft and credit card fraud due to the existence of multiple databases and devices containing both Payment Card Information (PCI) and Personally Identifiable Information (PII). Restaurants, hotels, and other companies in the hospitality sector often have complex ownership structures with an individual owner or group of owners, and a management company that acts as the operator. Each of these groups may use different computer systems to store information, and the information can also frequently move across those systems.
  • armanyleblanc767 on 23 Jan 23
     
    In this article, we learn about the top five data security risks as well as best practices to help prevent data breaches. According to the article, the hospitality industry is a prime target since it stores a vast amount of sensitive guest information like names, phone numbers, addresses, and credit card numbers. Some of the five risks included complex ownership structures, reliance on paying by card, and insider threats to name a few. In order to avoid these threats, the article suggest that companies become PCI compliant, use cybersecurity measures like firewalls, and know where exactly their data is stored.
anaferia

The biggest cyber attacks of 2022 | BCS - 0 views

www.bcs.org/...-biggest-cyber-attacks-of-2022

shared by anaferia on 04 Oct 22 - No Cached
  • In a year of global inflation and massive rises in energy costs, it should come as no surprise that the cost of a data breach has also reached an all-time high.
  • average total cost of $4.5m
  • Amongst the 550 companies that IBM contacted that had experienced a data breach, a disappointing 83% had experienced more than one in the same period
  • ...9 more annotations...
  • common attack vector remains credential theft (19%) then phishing (16%), misconfigured cloud (15%) and vulnerabilities in third-party software (13%).
  • Russia has, for many years, attacked Ukrainian infrastructure such as power grids, internet infrastructure and banks. Since the outbreak of physical hostilities, this has extended to systems related to government administration and the military.
  • The Russia-linked cyber gang known as Conti managed to cause major disruption to financial operations throughout Costa Rica in April.
  • Ransomware, while not the overwhelming headline grabber it was a year ago, is still a major and terrifying threat to many companies
  • A group known as Lapsus$ began 2022 with a string of high profile targets including Nvidia, Ubisoft, Samsung and Microsoft. In each case, data was stolen and in many cases leaked online. Their operating model is extortion where access is most often gained through phishing and then they seek out the most sensitive data they can find and steal it. Often, they do not deploy encrypting software at all.
  • Hacking back is where offensive security experts will attempt to compromise attacker’s machines. This can be legally murky as often the attacking machines are compromised third parties.
  • June this year, a former Amazon employee, Paige Thompson, was convicted for her role in the 2019 Capital One breach. While working for Amazon Web Services (AWS), she exploited her knowledge of cloud server vulnerabilities and stole personal information of over 100 million people.
  • cripple Costa Rica’s import/export business.
  • The main attack vectors continue to be credential theft and phishing emails so it is vital to continue to raise awareness through corporate training and public ad campaigns. Finally, the conflict in Ukraine is showing how effective cyber weapons can be in disrupting command and control in a war.
  • anaferia on 04 Oct 22
     
    To summarize, this article states that, it should not come as a surprise that the cost of a data breach has also increased to an all-time high in a year marked by significant increases in energy prices and worldwide inflation. According to IBM's Cost of Data Breaches Report 2022, the average overall cost is $4.5 million. Additionally, even if ransomware isn't garnering as much attention as it did a year ago, it still poses a serious danger to many businesses. Credential theft and phishing emails are still the major threat vectors, therefore it's critical to keep spreading awareness through public awareness campaigns and business training. Finally, the situation in Ukraine is demonstrating the potency of cyber weapons in sabotaging command and control in a fight.
amdelgad

All Bets Are Off on Casinos and Cybersecurity | UpGuard - 0 views

www.upguard.com/...f-on-casinos-and-cybersecurity

technology hospitality hotel tech casino travel

shared by amdelgad on 10 Oct 22 - No Cached
  • better malware tools and access to deep funding make today's cyber criminals more than a bad movie, especially when lucrative payloads are for the taking.
  • In May 2015, attackers were able to steal cardholder names, credit card numbers, and CVV codes belonging to hotel guests and customers. In 2016 they suffered similar incidents due to malware being installed on POS systems, allowing attackers to steal customers' credit card information.
  • It may come as no surprise that casinos and gaming firms are ideal cyber attack targets, but how competent are these enterprises when it comes to rudimentary security?
  • ...1 more annotation...
  • Online gambling upstart Ignition Casino offers Blackjack, Slots, Poker on its website; fortunately, the company has also taken the requisite security measures for bolstering its website security and email security.
  • amdelgad on 10 Oct 22
     
    This article focused on cybersecurity in hotel casinos. They mention how casinos seem to be a target for a lot of cyber attackers because they tend to not invest as they should on protecting themselves. Casinos hold a TON of financial data; customer info., bank info., and credit card info. I enjoyed the article because they even went as far as giving a few casinos a "security score" in how well/bad they are in staying secure.
ryanbonifas

Sacred Rose Festival Attendees Report Thousands in Overcharges - 1 views

loudwire.com/fest-2022-fraud-charges-report

Technology software tech

shared by ryanbonifas on 01 Sep 22 - No Cached
  • Many music fans who attended the Chicagoland area's inaugural Sacred Rose Festival this past weekend and used their credit cards while there subsequently reported thousands in surprise overcharges.
  • The fest has responded saying it was a glitch with an onsite vendor.
  • the four-digit charges curiously appeared on the customers' cards after they visited a merchant on the festival grounds.
  • ...4 more annotations...
  • Various Redditors reported that they each received surprise charges amounting to $1,190, $1,300, $1,500, $1,700, $3,200 or more. One charge of nearly $5,000 was reportedly declined by a customer's bank.
  • the glitch in venue payment processing resulted in the charges, and that they were being reversed.
  • Here is their statement: 'You may have accidentally been charged a large amount from F&B at SeatGeek Stadium when using a credit card. Our payment processing is secure but had a configuration error. There was no exposure and/or fraud; we are PCI compliant. We are reversing all of these charges and you should see the amount credited to your card in 3-5 business days.'
  • There was a technical glitch with the point of sales system regarding the tips inaccurately processed.
  • ryanbonifas on 01 Sep 22
     
    The overcharge nightmare of an establishment and their quick response to guests has led Sacred Rose Festival to scramble in response to outraged customers. The festival has shared the error came with the systems configuration and are PCI compliant with no exposure to breaches or fraud, but one would venture a guess there is more to this story.
« First ‹ Previous 121 - 124 of 124
Showing 20 items per page