Big Data & Robust Cyber Security for Hotels in 2020

There is a great transition from conventional customer relationship management to the entirely new phenomenon of ‘big data analytics’. Connecting with guests & prospect leads, and then keeping them engaged with your hotel brand is an essential in today’s highly digital world. 

The growth of data generating platforms is continuously replacing legacy CRM models across the business landscape. Big data management employs intuitive data collection and analysis tools for enhanced service delivery at hotels. 

In the hospitality industry, hoteliers are increasingly raising interest in user generated data for better insights that conventional models cannot deliver. Big data strategically reshapes business strategy, open doors to new opportunities, and assist with high quality decision making in hospitality.

While hotels are investing heavily in cutting edge big data management solutions, hotel technology providers are still offering them limited cyber security solutions to protect their massive data warehouses. 

Securing Big Data Solutions in Hotels 

Implementing digital data management tools is simple, however, securing your assets (aka. data) is complex. Depending on the critical nature of data collected, securing these databases is essential and a responsibility of hoteliers.

Although there is no one size fits all solution for hotels just yet, hospitality technology providers generally prescribe popular hotel data security tools with A.I. and big data software solutions. Here is a list of five essential cybersecurity solutions that hotel owners should prioritize across their technology infrastructure.      

Digital Security Policy 

For any business under threat from hackers and cyber criminals, it is simply criminal to ignore a digital security policy. This simple framework defines the priority and proactivity of hotel owners towards a well planned cybersecurity infrastructure. 

A digital security policy according to tripwire should address (but is not limited to) the following areas:

1. Start with Cybersecurity and Data Collection 
2. Control Access to Data Sensibly 
3. Require Secure Passwords and Authentication 
4. Store Sensitive Personal Information Securely and Protect it During Transmission
5. Segment Your Network and Monitor Who’s Trying to Get In and Out
6. Secure Remote Access to Your Network – Every company employs 
7. Apply Sound Security Practices When Developing New Products  
8. Make Sure Your Service Providers Implement Reasonable Security Measures 
9. Put Procedures in Place to Keep Your Security Current and Address Vulnerabilities that May Arise 
10. Secure Paper, Physical Media & Devices 

A digital security policy entails how a hotel will manage data collection, protect it, and how it will respond in case of a breach. It must highlight how data is collected, where it is stored, who has access to it, what cybersecurity measures are in place, when updates are due, and who will act when there is an incident. 

Hoteliers should keep in mind that technology does not remain constant. As time passes new threats will arise, hence, every hotel should routinely revise & improve their digital security policies based on new threats to technologies. 

At Advanced Hospitality Technologies Inc. we have successfully established digital security policies at some of the most prominent hotel brands in the USA. Powered by a professional team of certified engineers, consultants, and technology managers we have worked with world-class technology brand standards delivering hotel cybersecurity to the likes Marriott, Sheraton, la Quinta, and Hilton properties. 

AntiVirus – Threat Detection & Protection 

Antivirus & anti-malware is essential for the survival of your hotel’s various hardware that collects, analyzes, processes, and retains guest data. This also includes the security of all connected devices using this data in real-time. 

Antivirus software are primarily designed to detect, identify, prevent, and remove a series of cyberthreats including adware, malware, worms, trojans, malicious scripts, phishing, brute force attacks etc.   

This is usually the first line of defence for all the connected devices on your hotel property. The vast innovation in these solutions today allows hotels to easily integrate antivirus threat detection and protection without hurdles.

Firewalls 

While device security remains paramount, it is simply ‘critical’ to secure your entire hotel network from hackers and cybercriminals today. A firewall is primarily designed to manage your internet traffic, monitoring data as it moves back & forth in your hotel network. 

The U.S. Federal Communications Commission (FCC) has already highlighted the significance of network security on their website. An FCC research paper establishes that: 

“… A state-of-the-art firewall:

This asset is an imperative part of ensuring that only authorized users have access to network resources. With a next-generation firewall in place, the hotel can be assured that malicious actors and hackers are effectively kept out of the network underpinning the Wi-Fi as well as the hotel’s point-of-sale systems.” 

Hotel technology provider Fortinet Solutions, known for their cutting edge firewall technology mention on their website that:

“As part of the hospitality digital transformation, an increasing volume of data and applications are rapidly moving to the cloud, which also unintentionally expands the attack surface. The Fortinet Security Fabric offers an extensive set of network security capabilities to unify a hotel’s security infrastructure and provide broad protection from advanced threats.” 

Advanced Hospitality technologies Inc. has previously partnered with Fortinet Solutions delivering world-class cybersecurity infrastructures at franchise & stand-alone hotels. 

Staff Education & Training 

Informed hotel staff is the backbone of every security policy and infrastructure. Trained staff who have the knowhow about prevalent threats, the tools to secure against them, and the process way to react to breaches are simply “crucial” for a hotel. 

Hotels generally have a lot to lose in case of a breach considering multiple POS machines, data collection touchpoints, IoT devices, business centres etc. synced to their servers. These touchpoints are constantly sending & receiving data through the hotel servers, some of which is highly sensitive and critical. A trained staff of hoteliers will not only understand the severity of data breaches but also understand the importance of data access, authorization to access, and distribution. 

The PCI compliance council already outlines a secure roadmap to achieving proactive data security. PCI staff training remains one of the most important educational regimes for hotel employees in particular due to their increased interactions with technology solutions.  

When staff have in-depth understanding and knowledge of what a data breach entails and how it can damage a hotel’s reputation, they will be more responsible when handling guest data. Since cybersecurity experts cannot be present exactly when a breach occurs, trained employees can at least react quickly to quarantine the effects of cyberattacks. 

Stronger Passwords & 2FA 

There can’t be any more emphasis placed on having stronger passwords for your devices and access to hotel PMS. NEVER CONSIDER HAVING “PASSWORD” AS YOUR ACCESS PASSWORD. 

Modern digital password best practices demand that even email accounts should have “alphanumeric” passwords rather than only alphabetical ones. Mixing numbers and special characters in your password can ridiculously strengthen account security.  Here are some tips to enhance your password complexity recommended by the University of Princeton – Department of Computer Science: 

• a minimum of 1 lower case letter [a-z] and
• a minimum of 1 upper case letter [A-Z] and
• a minimum of 1 numeric character [0-9] and
• a minimum of 1 special character: ~`!@#$%^&*()-_+={}[]|\;:”<>,./?
• at least 1 upper case, numeric, and a special character must be EMBEDDED somewhere in the middle of the password, and not just be the first or the last character of the password string.

Conclusion 

There is much more to hotel data security than just five measures. Modern hoteliers can also consider advanced and more expensive solutions, but there isn’t enough evidence to justify their ROI, not just yet.  

Sound cybersecurity infrastructure is more dependant on the technologies at a hotel property than what they want. A hotel with 2 POS machines, 5 PCs, and a printer will need fewer measures than one with 10 POS machines, 20 PCs, multiple printers, several WIFI routers, and room tablets, and smartphones. 

For more interesting reads and updates visit our blog again. If you liked this article remember to share it with your colleagues. Until next time, see you again soon.