Securing crucial guest data - A need of the hour
The growing incidence of cyber threats underlines that hoteliers need to be on their guard to protect their guests’ data from being misused
By Vinita Bhatia
Last month, Hyatt Hotels Corp discovered unauthorised access to payment card information at certain of its properties globally between March 18, 2017 and July 2, 2017. This incident affected payment card information, such as, cardholder name, card number, expiration date and internal verification code, from cards manually entered or swiped at the front desk of almost 41 Hyatt-managed locations in 11 countries. Two years, ago, according to a Reuters report, Hyatt had faced another data breach at 250 of its hotels in 50 countries when its payment processing system was infected with credit-card-stealing malware.
It is not the only brand to be affected by cyber attacks – others have also fallen prey to it at some point. The hospitality domain, in recent times, has become a soft target for cyber terrorists as the industry is witnessing an increasing incidence of online transactions. This makes it pertinent for all stakeholders to be more alert to the threats and stay secure.
When it comes to maintaining the integrity of their guests’ data, Srinivas Srirangam, general manager, Novotel Imagica Khopoli advises that hoteliers should stringently follow standard IT compliance norms. This begins with the Point of Sale (PoS) gateways, where majority of the intrusions take place.
“Training is required on how to handle the physical aspects of credit card payments. At the same time, it is important to check that the machine is not tampered with, as it can record the magnetic information on the card,” he pointed out.
At his property, trainings are held for people who handle cash and credit cards as well as manage transactions. “We organise online and classroom trainings for our personnel regularly. More importantly, we have daily briefings where we encourage our team members to discuss every transaction that they might have concerns about,” Srirangam added.
At the same time, this daily meetings are the perfect platform to highlight global cyber threats that are doing the round or any corporate advisories that are recommended. During these sessions, even the smallest issues are brought up. Srirangam recalled how his team members have highlighted scenarios where two credit cards have been repeated for two different rooms, or if any advance is collected on a credit card and is unused for a long time. “Since we have very strict control procedures, we have not encountered any data theft,” he added. This procedure is the result of the Leading Digital Hospitality strategy that AccorHotels
has adopted, which ensures that all its central systems are compliant with payment card industry data security standard. And not just global chains like AccorHotels, even smaller hotel brands are investing in anti-malware and spyware systems proactively.
Currently, as compared to most other industries, hospitality still has a better track record when it comes to detection of cyber threats. At the same time, this
is one industry that is highly susceptible to brand damage. Hence, companies need to go the extra mile to make certain that their systems are as secure as possible. The slightest breach can lead to phenomenal damage – to their network , finance and their reputation.