How to secure hospitality communications against data breaches?
As travel has started to pick up, scammers and hackers are also back to take their share of the activity. Travel and hospitality is an industry where high-value transactions are made by people who have money to spend, making hotels and travelers an attractive target for fraudsters.
Probably the best-known case is the 2014 Marriott data breach, where huge amounts of sensitive data were compromised with relatively simple email spoofing techniques. A few years later, in 2020, Marriott confirmed yet another data breach, this time involving the personal information of some 5.2 million customers, putting more than 500 million users at significant risk. It caused Marriott $12.5 billion in damages.
MGM Resorts International also suffered cyberattacks in 2019. Hackers managed to steal the personal information of more than 10.6 million people.
As travel and hotel reservations moved almost entirely online, it became increasingly important to remain vigilant against cyberattacks. Hackers and fraudsters don’t just target large hotel chains, many specialize in smaller hotels where the level of security should be significantly lower.
What are the basic steps and recommendations every hotel should follow to maintain cybersecurity?
- Change passwords regularly
- Use secure communication channels
- Setting up credit monitoring
- Adopt good cybersecurity habits, such as avoiding opening suspicious links or downloading attachments
- Think twice before giving anyone access to sensitive data
Other hospitality-specific measures include:
- Do not email guest databases or sensitive information
- Do not use WhatsApp or Messenger, Skype or any other chat application to exchange sensitive information or files
- Use a reliable and secure payment method
- Use a reliable and secure booking engine solution, such as Synxis, SiteMinder, Fastbooking or SimpleBooking
Securing communications and exchanging sensitive documents is a top priority for any business that takes security seriously. Gmail, Gmail for Business, and Outlook are incredibly easy to compromise. Many hotels switched from Gmail to ProtonMail in 2017 to make their business communications 100% secure.
Beware of your employees stealing data
Unfortunately, it is quite common for employees to be tempted to steal, save or copy sensitive information in an otherwise secure environment.
This can especially occur in administrative departments, such as sales, marketing, reservations and finance, where sensitive information and documents are present.
One of the main risk factors is that confidential documents are printed, left on desks or filed in an unsecured manner.
Consider cloud faxing to manage sensitive documents and information
Cloud faxing is a technology typically used by large organizations to send documents and other important information both internally and to their customers, such as receipts, invoices, and other important documents. WestFax is a trusted provider for a number of travel and hospitality businesses for the secure transfer of their confidential data.
The company is fully HIPAA compliant and can handle a number of advanced integrations with ERM and CRM systems. The possibilities via the API are limitless. Out-of-the-box services include fax-to-email, email-to-fax, and fax-to-fax management.
About cloud fax technology
As the name suggests, Cloud Fax is a cloud-based secure fax service that allows sender and receiver to send and receive secure messages without a fax machine. The technology is fundamentally different from email and offers a cost effective solution for secure communication.
Cloud faxing makes it possible to send documents securely without having to worry about viruses, phishing or malware – very common things with business email.
How can hotels use cloud faxing to enhance their security?
Cloud faxing is a superior way to exchange sensitive documents compared to email. This includes invoices, contracts and all documents containing information that must be kept confidential.
Fraudsters who attack hotels and resorts mostly try to get their hands on bank account numbers, credit card information and bills, which they will use either to defraud victims directly or to resell them to more advanced negative actors.
Since fraudsters specialize almost entirely in infiltrating email accounts, documents shared via cloud fax services will not be intercepted.