A recent study found that 76% of hoteliers regard technology security as a serious concern.

This unease is valid. Hotels process a considerable number of online payments, making them a juicy target for criminals.

Analysis across 24 countries revealed a high percentage of attacks on hotels and in 98% of the breaches that were studied, credit card information was stolen.

At the sophisticated end of the scale, there have been multiple examples of hackers accessing smart thermostats and then jumping across the network into the hotel finance system.

But it’s the measures that are simple to put in place – but aren’t – that expose many hotels.

Wi-Fi is a prime example.

More and more venues offer free Wi-Fi and patrons expect it as part of your service offering.

However, criminals can tap into unencrypted Wi-Fi networks and steal information such as login credentials and credit card numbers.

Sangfor Technologies explain that “people let their guard down when traveling and rely on their lodging for dependable and secure services”.

They argue that “it should be the responsibility of hotel industries to deploy stringent cybersecurity measures to assure guests that their personal information will never be compromised.”

What You Can Do

Your own IT company is best placed to advise you on the necessary protection.

But NordVPN offers two excellent tips:

• “Network encryption. Many hotel Wi-Fi networks do not sufficiently encrypt the data you send over the network, allowing anyone with the right tools to intercept it. Currently, the most secure system is WPA3, but some hotels set up their networks a long time ago and forgot to update their encryption methods. It makes their guests easy targets for cybercriminals.

• “Old hardware. Unfortunately, many hotel owners are fond of the “if it’s not broken, why fix it?” mentality. But if the hotel set up its Wi-Fi network in 2010, for example, the routers are severely out of date by now and won’t support the latest security updates.”

Lockdown

Cvent stresses the importance of physical security.

“Your organisation probably has multiple Wi-Fi access points around your hotel,” it says.

“Make sure these hardware access points are not accessible to guests. You don’t want just anyone walking up to them, since they can be reset to factory settings with the push of a button.

“In addition, it will be important for the hotel employee and guest networks to be separate so that even if bad actors do get onto the Wi-Fi network, they won’t gain access to financial or company information. Your IT department can help you segment your network so guest traffic and employee traffic are completely isolated from each other.”

Next Steps

Security should be on your regular agenda.

Most hotels don’t have a full-time IT specialist on staff, so talk to your IT company. Get them to explain what your weaknesses are and the cost to fix them.

The good news is that it may even help reduce your insurance premium.