Advertisement
09/06/2022

Hospitality: Consider this your Cybersecurity Wake-up Call

Cloud migration, tech lounges, chatbots and robots are all technologies with great potential: both to streamline and drive better service, and to grant hackers access to your brand’s technology stack.
Image
digital lock

With lockdowns in the rearview mirror and the long-stagnant flows of work and business regaining a familiar cadence, hotels are well positioned to capitalize on increasingly bustling activity. However, as Marriott’s recent data breach – the chain’s third in four years – demonstrated, the hospitality industry would do well to beware the quickening chain of assaults by cybercriminals, lest they stumble at the starting line of this new era of business.

Over the past two years, cyberthreats have grown both more threatening and more frequent. At the same time, hotels and businesses in many other industries are embracing technology more than ever before. These new devices and platforms can be a major boon to business, but also present new threat vectors and convenient backdoors for hackers if not implemented carefully.

Recent technologies adopted in the hospitality space include:

  • Cloud migration
  • Technology lounges
  • Chatbots
  • Concierge robots

While each of these devices presents enormous potential for streamlining and taking service to a higher level, they can also grant malicious hackers a way to punch straight through the hotel’s cybersecurity if not implemented correctly.

The cloud offers easy integration and collaboration across multiple properties at a low overhead, but as the most recent Marriott breach shows us, cloud migration can also significantly amplify the damage caused by carelessness with cybersecurity. In Marriott’s case, 20GB of guest data and other sensitive information was stolen.

Tech lounges are a trendy way to appeal to the new class of “bleisure” travelers by offering them a unique, relaxing space to get work done. However, they’re also a veritable candy store for hackers, who can sit back and relax as business from around the globe zips through a common – potentially poorly defended – shared Wi-Fi network.

Chatbots are a great answer to guests’ increasing demand for immediate answers to questions at all hours, but themselves can be turned into malicious agents allowing hackers to probe guests for personally identifiable information, credit card numbers and other sensitive information.

Concierge robots are a particularly trendy development in some markets and have been used with some success in various hotel roles – but as the Japanese hotel chain “Henn na Hotel” found in 2019, also presented major security issues as they could be used by hackers to spy on guests in their rooms.

Technological adoption is always going to be a double-edged sword, regardless of the industry. Particularly in the hospitality industry – where customer comfort and trust are paramount – owners need to think seriously about how they are implementing technology and counterbalance every step of digitization with an equal advancement in cybersecurity. As the world grows increasingly connected, the industry cannot afford to grow complacent, lest hackers have a field day with the newly introduced vulnerabilities.

Remote access is the common thread between all of these potential digital pain points and should be top of mind for any hotel looking to shore up its cybersecurity as it welcomes new technology into its workflow and daily operations. After all, the investment to bolster cyber defenses will pale in comparison to the cost of mitigating damage from a successful breach, after which the victims of the attack would lose even more money making the same upgrades they could have made to prevent the attack in the first place.

Competent secure remote access policies go far beyond mere compliance and utilize strict security zones to ensure nobody is doing anything they shouldn’t on the network. Hotels that want to succeed would do well to embrace all the massive benefits presented by digitization, but need to do it safely and sanely if they don’t want to face an increasingly fierce volley of attacks from opportunistic hackers.