Aside from panic attacks and sleepless nights, a deluge of frightening cyber security statistics accomplishes very little if it’s not accompanied by actionable items to better prepare your organization.
This is why we teamed up with cyber defense experts Armor and Venza to create an infographic that summarizes some critical best practices to strengthen your security procedures and maximize data stability.
The Lay of the Land
2017 has been a banner year for threat actors targeting the hospitality industry. Compared to the second half of 2016, 2017 has seen a 13 percent increase in data breaches. Perhaps even more concerning, there has been a 164 percent increase in stolen, lost or compromised records for the same time comparison.
This upward trend in cyber attacks does not appear to be slowing anytime soon. With a seemingly endless stream of new techniques and tools like WannaCrypt and EternalBlue being utilized with greater frequency and effect, a handful of best practices can help minimize an organization’s exposure to these escalating threats.
A Multifaceted Approach to Best Practices
The hospitality IT environment is composed of three primary vectors, each having a unique set of best practices for cyber security measures in the hospitality industry: user, website and systems.
User
- Establish user education program leveraging third-party vendor modules to minimize human error by negligent and ill-prepared users.
- Shut down all peer-to-peer connectivity to prevent user terminals from sharing resources.
- Use external drives or virtual machines to implement data back-up strategies for personal data.
- Install reputable and comprehensive antivirus program that will block the majority of known ransomware attacks and automatically update defense measures.
- Configure email protection measures, including encryption techniques to maintain communication integrity.
Website
- Ensure proper segmentation between web servers and database servers.
- Utilize a demilitarized zone for publicly facing assets to prevent an attacker from gaining further internal access in the event of a breach.
- Track vulnerability patch status of critical data servers and file shares.
- Have a back-up strategy for databases and file shares.
- Consider using secure third-party cloud or virtualized services for critical data storage and offsite file shares.
Software and Systems
- Maintain the most up-to-date software and automatically download new components.
- Install a firewall and antivirus software on all business systems.
- Create strong passwords for business systems, changing them often to meet security standards.
- Monitor and manage access to business systems and terminals, including eliminating remote access.
Although the digital environment will only continue to grow in complexity, inevitably accompanied by an increase in scope and frequency of hotel cybersecurity threats, these best practices can better prepare you for a dangerous, volatile IT environment. Ensuring your hotel’s IT team is adequately prepared will prevent costly future threats to protect both your guests and organization.