David Topolewski, CEO of Qooco, which provides mobile language learning and vocational training solutions for the hospitality and service industries, shares the importance of cyber security in the hotel sector
There is no question that technology has brought great convenience and benefits to our everyday lives, and has had far-reaching influence in every industry you can think of. Amongst hoteliers, technology has helped streamline everything from managing guest relations to organising the day-to-day operations of restaurants.
Hotels are a veritable treasure trove of customer data – personal information, credit card details, addresses, allergy information, etc, all of which allows hotels to provide an extremely smooth experience for their guests. This mass of data is highly sensitive, and also highly attractive to cyber criminals.
The hotel industry is a ripe target because the majority of hoteliers do not seem to place enough emphasis on cyber security. In 2015, Trump Hotels in the US and Canada admitted that a virus had been lurking in their computer systems for over a year and is believed to have stolen thousands of guests’ credit card data. Most crimes involve the criminals hacking into point-of-sale terminals using malware that disguised itself as a legitimate programme.
In this instance, credit card data was stolen. Now imagine if a celebrity or well-known world leader had his or her sensitive personal information nabbed, and then splashed across the front page of the tabloid papers. Embarrassing for the celebrity, potentially destructive for the hotel brand.
Hoteliers would be ill-advised to have a laissez-faire attitude towards cyber security, because cybercrime has numerous consequences which go beyond the business of losing some lawsuits or handling fines or compensation to guests. A public security debacle has the potential to destroy your brand, and the trust between your business and your customers – and trust once lost, is almost impossible to regain.
The tried-and-tested adage – prevention is better than cure – works well when it comes to cyber security. Hoteliers should start to look into ways to prepare for, and mitigate against, cyber-attacks. Five simple ways include: (1) educating staff members on basic cyber security knowledge; (2) reviewing and changing protocols to include steps on dealing with cyber security breaches; (3) developing sound cyber security processes e.g. regularly changing passwords or having a clear chain-of-command for dealing with cyber-related incidences; (4) purchasing a reputable security system/software for your business; and (5) ensuring that staff training includes modules on cyber security.
Ultimately, cyber basics need to be incorporated into staff training. No one wants a repeat of the 2014 Sony Pictures incident – a breach was facilitated by the fact that employees had named a file that contained many relevant user passwords within the Sony system, “Password”. And even more incredulous, the password to access this file was “password”.
Hotels are uniquely vulnerable to hackers, given the sheer number of guests staying in a hotel who willingly giving up their personal information in return for a smoother stay and better service. This, mixed with a hotel workforce that is young and often transient, presents numerous opportunities for criminals to digitally steal information and money. Staff training and protocols should reflect this, otherwise it is only a matter of time before the trust a hotel brand has spent decades building, is shattered by a person with a computer.
Contributed by David Topolewski
