Recent security breaches at hotels such as Wyndhams Hotels and Radisson have seen guests data and credit card information exposed to hackers. A new guide – Securing IT for Hotels – released today by managed security firm Network Box gives guidelines for hotels to follow in order to protect their IT networks from attack, or criminal activity.
The guide, which is free to download from Network Boxs website: http://www.network-box.co.uk/resources/white-papers, outlines some of the issues facing IT managers within hotels, such as access rights both physical and virtual; preventing human error; securing guests data from being stolen both from within and from outside the hotel; and creating flexible systems to suit both employees and guests internet access requirements.
The guide suggests steps for hotel IT managers to take, including:
1.Limit access to your IT systems. Do not share server room space (particularly not with luggage storage!) and keep your servers behind securely locked doors.
2.Use time out systems to ensure unused systems become inaccessible.
3.Limit the number of employees who can access personal guest data (and then only with the use of strong passwords). For more information on passwords, see our advice on password security.
4.Make human error harder. Educate employees on the importance of tight security systems, and their role in keeping guests data secure. Hold security training at least once a year for hotel employees, to review security procedures and to make sure that all employees understand their role in keeping an organisation secure.
5.Ensure all security systems are kept up to date; and that you regularly check for the latest versions of applications or platforms used across the organisation including your security applications: firewall, IDP, VPN and anti-malware – as they may include critical security updates. For more information, see Network Boxs guide to updating systems.
6.Encrypt guest data. No sensitive data should be left unencrypted; and personal guest information should never be sent over an unsecured system (such as email).
7.Ensure that all data is routed through the appropriate channels and that nothing bypasses security systems (this is one of the most common causes of vulnerabilities). For more information, see Network Boxs guide to routing.
8.Set internet access rights. Hotel guests can have more flexibility than employees, so ring fence their internet access so they cant download malware onto the hotel network. Block access to blacklisted websites altogether.
9.Check all data leaving the building, in the same way that you check data that comes in (via any communication channel, such as IM or email). This will help prevent unauthorised transfer of guests data that could lead to compromised security.
10.Tap into expert knowledge by bringing in specialist security experts to run your security systems. Getting an external, approved managed service company can reduce costs by between 20 and 40 per cent, with no capital outlay.
For more information on the latest security issues, see http://www.network-box.co.uk, or visit Simon Herons blog at: http://blog.network-box.co.uk, or follow Simon on Twitter: http://twitter.com/networkbox.
– ends –
About Network Box:
Network Box Limited (NBL) is an international managed security services company, specialising in unified threat management (UTM). It continuously defends the networks of its customers using PUSH technology to instantaneously update protection, from 12 Security Operations Centres spread around the globe. NBLs customers in Asia, Australia, North America and Europe include companies such as BMW, Nintendo and Toyota, as well as banks, utilities companies and government organisations.
For more information, please contact:
Tel: 0771 406 5233