Data Security in the Hospitality Industry | CSU-Global Blog - 0 views
-
Restaurants, hotels, and other companies in the hospitality sector often have complex ownership structures in which there’s a franchisor, an individual owner or group of owners, and a management company that acts as the operator. Each of these groups may use different computer systems to store information, and the information can also frequently move across those systems.
-
Cybercriminals use this reliance on cards to infect point-of-sale (POS) systems with malware that steals credit and debit card information by scraping the data. In fact, it was reported in 2017 that out of 21 of the most high-profile hotel company data breaches that have occurred since 2010, 20 of them were a result of malware affecting POS systems.
-
Well-trained staff also know how to recognize social engineering attempts, and they understand an organization’s compliance requirements. The risk is that the hospitality industry involves a great deal of of seasonal work in which people might move on after only a few months, or they might be transferred.
- ...14 more annotations...
-
This type of data risk is more subtle, and it involves employees selling data to third parties without the knowledge of the organization that employs them
-
Data security risks in the hospitality industry extend far beyond the reputation hit that a hotel can take if guests’ data is compromised. Industry and political regulators are becoming stricter in governing how organizations process and store personal data.
-
From the perspective of cyber criminals, hospitality appears to offer an ideal target for conducting crimes, such as identity theft and credit card fraud, due to the existence of multiple databases and devices containing both Payment Card Information (PCI) and Personally Identifiable Information (PII).
-
Best data-protection practices for companies in the hospitality sector include… Always encrypting payment card information.Operating a continuous training program in cybersecurity to maintain a well-trained workforce.Always adhering to relevant regulations, such as PCI DSS.Use cybersecurity measures such as firewalls, network monitoring, anti-malware, and traffic filtering to protect against common threats.Conduct tests against your organization’s cybersecurity defenses in which you mirror the behavior of an actual hacker.Know where your data is and enforce the principle of least privileges to limit acce
-
organizations in the hospitality sector are better placed to implement a comprehensive information security strategy that entails the necessary procedures, processes, and people to improve cybersecurity within the hospitality industry.
-
The article talks about cyber security threats in the hospitality industry. Threats range from high staff turn over so staff isn't trained thoroughly, to insider threats where employees can sell information to third parties, to cyber-criminals who infect POS systems with credit cards.
-
Data information security is very important to a business development.In my opinion, I think the relationship is inversely proportional. In other words, the more effective cyber security budget is invested, the less potential impact there is of customer information being stolen (being hacked). cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.