Welcome!

Blog Feed Post

Hospitality Industry Targeted by Cyber Criminals

Going on a vacation? How safe do you think your information is at the resort you just booked? I was reading a recent data breach report that said hotel and restaurant Point of Sales (POS) systems are the number one target of criminal data breaches. The risk facing the hospitality industry with respect to personal information is not only due to the volume of information. It’s also due to the attractiveness of that information to cybercriminals.

From POS systems – from ATM and Interact machines to guest paperwork — you’re providing plenty of sensitive information to hotels, restaurants and bars.

Let’s start by looking at the information assets that a typical hotel possesses:

  • Financial information stored in accounts systems

  • Customer information, including bookings, names, addresses and credit card details stored in Front of House (FOS) systems
  • Stock and transaction information stored in food & beverage systems
  • Key card data
  • A multitude of sensitive emails, spreadsheets and other documents

Anyone who travels is familiar with rewards cards and points, as well as the front-desk phrase: “Should we charge your bill to the credit card we have on file?” But is that information being protected as well as it should be? Even though information security is not the primary service provided by hotels, it is expected that the information collected from travelers will be properly handled and secured.

Information security exposure points well known in the hospitality industry. In these trying economic times, risk associated with these exposure points is increasing. That’s why it’s time to end the “it won’t happen to us” syndrome and move information security up the priority list. Below are some steps that can help mitigate risks posed by common points of exposure in the hospitality industry:1. Focus on Information Security: As the economy has fundamentally undergone a meltdown, it is important to focus on securing information and assets as an organization while maintaining a secure infrastructure that enables business operations. Introduce a security policy that all staff are aware of and fully understand.

  1. Adopt a Risk-Based Security Program: Incorporate a risk-based approach to security, especially during times when you have to make spending decisions on security. It is always better to take a proactive approach to security than a reactive one and only through a strong risk management program can these decisions be made effectively.
  2. Focus on Security Awareness: Take steps to propagate your organization’s security strategy beyond your IT department. No better investment can be made to protect against insider threats and targeted attacks against employees, which rise during times of economic downturns. Ensure that the policies and procedures related to your information security program are being followed and working.
  3. Think About Intellectual Property (IP) Protection: The purpose of IP is to protect investment in the branding, design, technology and creative works that give one supplier an edge over its competitors. Your IP is your business; protect it as such.
  4. Think of Security as a Business Enabler: Process re-engineering and optimization projects can find efficiencies in information systems processes that can be turned into cost savings. Consider outsourcing non-core competencies to a managed security services provider, and focus internal resources on tactical and strategic activities rather than managing technology.
  5. Conduct Compliance Assessments Regularly: Perform health checks on your security posture and ensure that you remain compliant with regulations regardless of the economic climate. The ultimate goal of compliance is to be secure – and not just on paper. For every compliance dollar spent, a corresponding measure of risk should be reduced. Otherwise, your compliance dollars are not being effectively spent, and may even be wasted. Risk reduction should drive compliance, not the other way around.
What is your business doing to move security up the priority list?

Read the original blog entry...

More Stories By Steve Caniano

Steve Caniano is VP, Hosting, Application & Cloud Services at AT&T Business Solutions. As leader of AT&T's global Hosting, Application and Cloud infrastructure business, he is instrumental in forging key partner alliances and scaling AT&T's cloud services globally. He regularly collaborates with customers and represents AT&T at key industry events like Cloud Expo.

Latest Stories
SYS-CON Events announced today that Calligo has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Calligo is an innovative cloud service provider offering mid-sized companies the highest levels of data privacy. Calligo offers unparalleled application performance guarantees, commercial flexibility and a personalized support service from its globally located cloud platfor...
"We want to show that our solution is far less expensive with a much better total cost of ownership so we announced several key features. One is called geo-distributed erasure coding, another is support for KVM and we introduced a new capability called Multi-Part," explained Tim Desai, Senior Product Marketing Manager at Hitachi Data Systems, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
SYS-CON Events announced today that SkyScale will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. SkyScale is a world-class provider of cloud-based, ultra-fast multi-GPU hardware platforms for lease to customers desiring the fastest performance available as a service anywhere in the world. SkyScale builds, configures, and manages dedicated systems strategically located in maximum-securit...
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
There is a huge demand for responsive, real-time mobile and web experiences, but current architectural patterns do not easily accommodate applications that respond to events in real time. Common solutions using message queues or HTTP long-polling quickly lead to resiliency, scalability and development velocity challenges. In his session at 21st Cloud Expo, Ryland Degnan, a Senior Software Engineer on the Netflix Edge Platform team, will discuss how by leveraging a reactive stream-based protocol,...
With tough new regulations coming to Europe on data privacy in May 2018, Calligo will explain why in reality the effect is global and transforms how you consider critical data. EU GDPR fundamentally rewrites the rules for cloud, Big Data and IoT. In his session at 21st Cloud Expo, Adam Ryan, Vice President and General Manager EMEA at Calligo, will examine the regulations and provide insight on how it affects technology, challenges the established rules and will usher in new levels of diligence...
"DX encompasses the continuing technology revolution, and is addressing society's most important issues throughout the entire $78 trillion 21st-century global economy," said Roger Strukhoff, Conference Chair. "DX World Expo has organized these issues along 10 tracks with more than 150 of the world's top speakers coming to Istanbul to help change the world."
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
SYS-CON Events announced today that Massive Networks will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Massive Networks mission is simple. To help your business operate seamlessly with fast, reliable, and secure internet and network solutions. Improve your customer's experience with outstanding connections to your cloud.
DX World EXPO, LLC., a Lighthouse Point, Florida-based startup trade show producer and the creator of "DXWorldEXPO® - Digital Transformation Conference & Expo" has announced its executive management team. The team is headed by Levent Selamoglu, who has been named CEO. "Now is the time for a truly global DX event, to bring together the leading minds from the technology world in a conversation about Digital Transformation," he said in making the announcement.
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
"The Striim platform is a full end-to-end streaming integration and analytics platform that is middleware that covers a lot of different use cases," explained Steve Wilkes, Founder and CTO at Striim, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
SYS-CON Events announced today that Calligo, an innovative cloud service provider offering mid-sized companies the highest levels of data privacy and security, has been named "Bronze Sponsor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Calligo offers unparalleled application performance guarantees, commercial flexibility and a personalised support service from its globally located cloud plat...
Everything run by electricity will eventually be connected to the Internet. Get ahead of the Internet of Things revolution and join Akvelon expert and IoT industry leader, Sergey Grebnov, in his session at @ThingsExpo, for an educational dive into the world of managing your home, workplace and all the devices they contain with the power of machine-based AI and intelligent Bot services for a completely streamlined experience.
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...