Our Webpage                           Search

Hospitality Blog

Working with Your Hotel Technology Solution Provider to Tackle Cybersecurity Risks

By Stig Lagerstedt 26. October 2023

Cyber Security image

One of the leading targets for hackers has always appeared to have been hospitality industry-based businesses. With its information-rich databases often containing guest credit card numbers and other sensitive details, hotels in fact are only second to the retail sector with regards to the number of attacks experienced annually according to a PwC outlook report.

Faced with increasing online risks, many hoteliers understandably are re-evaluating how they approach cyber protection for virtually any aspect of their operations so as to prevent the creating of potential vulnerabilities. With regards to a property’s security access operations, the risks can be especially great. Often not just seeking to steal sensitive data, hackers can also grind businesses to a halt by preventing keycards from being activated or by locking guests and staff out of guestrooms. Yet while representing a challenge that many hoteliers believe is an issue their business must face alone, much of a property’s success in preventing cyber-attacks in fact comes down to the quality of built-in security protections offered by their solution providers as well as any best practice recommendations that can further enhance online security results.


Adaptive and Robust Solutions Able to Address Newly Arising Threats

Hackers are certainly creative when it comes to identifying new ways to exploit a hotel’s system vulnerabilities as previous loopholes are discovered by IT specialists and removed. This recurring issue traditionally led hoteliers to endlessly invest more and more revenue into replacement systems able to provide adequate protection against evolving online risks.

Cloud-based software is now able to break this never-ending cycle of additional expense by providing businesses with the ability to receive updates for existing platforms without requiring an extensive overhaul of infrastructure. A solution that exists solely as online-based service, platforms such as cloud-based access management notably do not require onsite servers which likely would need to be replaced in order to accommodate a future update/upgrade. Once a potential loophole has been identified, providers leveraging cloud technology can create a software patch that is automatically implemented and that requires no action from a property’s employees. While ensuring that a property is always secured with the latest cyber protections, cloud-based solutions that are able to receive automatic updates also provide hotel staff with time-savings and opportunities to focus their attentions on other priorities, either operational or guest-facing.


Maintaining a Vigilant Watch Over Recurring Cyber Security Risks

If one thing is consistent with cyber-attacks, it is that they are unpredictable and can occur at any moment. The scope of attacks can also target any number of hotel systems, necessitating a requirement for hoteliers to maintain a continuously vigilant eye on potential risks. Yet as fast-paced environments with multiple tasks vying for the attention of staff, lapses in hotel cyber security monitoring can and often do occur.

Cloud-based solution providers are able to lift much of this responsibility along with its time-sensitive urgency off of the shoulders of property employees thanks to the ability to fully monitor for potential breaches remotely. Staffed 24/7 and 365 days a year by seasoned cyber security technicians, providers utilizing cloud technology can instantly provide much needed support and can alert hotel operators to a suddenly arising cyber-attack before onsite staff themselves receive any indications that something is amiss.


Minimizing Cyber Attack Consequences

Even the most prepared businesses can fall victim to hackers who are always in search of new ways to exploit a property’s connected systems and networks. If and when this does occur, cloud-based solutions again provide businesses with yet another opportunity to frustrate hacker efforts to penetrate onsite systems.

Among the most popular current hacking methods are denial-of-service (DoS) attacks that overwhelm systems and render them inoperable. Another involves the use of ransomware to encrypt vital business information. Either way, hackers will prevent any access until a bribe is paid and even then, there are no guarantees of a return to normal operations.  

Cloud-based solutions can sidestep these growing types of risks utilizing a design that allows providers to incorporate multiple redundancies. Whether for system processes or for access to data, the presence of solution redundancies prevents DoS or ransomware from having its intended effect. With regards to hotel access management, redundancies can make all the difference in maintaining access to guestrooms and other hotel areas until the source of an attack is investigated, isolated and resolved.


Protect Your Operations With End-to-end Encryption

One of the leading IT concerns surrounding cloud-based technology is that it may lead to greater cyber security risks due to data and systems being located offsite. However, leading providers of cloud-based solutions have addressed this. With regards to in-transit data, providers utilize a secure sockets layer (SSL) that encodes all information being transmitted. This ensures that only authorized users can view and make sense of the data, with would-be attackers only finding seemingly meaningless information. SSL further protects data from being altered during transmission and with enhanced verification, ensuring that communication is restricted to a two-way exchange between only authorized users and the official cloud-based source.

With more business operations going online and becoming interconnected, cyber-attack risks are only going to increase. Yet by moving systems into the cloud, using the expertise and capabilities of experienced providers, hotel operators can finally begin to take a more proactive approach that for once leaves hackers second-guessing next steps.  


Educating Employees on the Ins and Outs of Effective Cybersecurity

Keeping your hotel staff informed on how to recognize a potential cyber-attack and avoid risky behaviors can mean all the difference between experiencing minimal damage or a catastrophic data breach. From using easy-to-guess passwords and downloading unverified software to not ensuring adequate security on personal devices, employees can often unknowingly open up a property to increased vulnerability. To sidestep such potential risks, hoteliers should work with technology providers that are willing to provide all relevant employees with cybersecurity training for each of their solutions. By working with their providers to deploy both the latest in data security technology while also implementing recommended best practices, hotels and resorts can in fact respond to any suddenly arising issue and maintain continuous heightened online security as a result.


New call-to-action


Stig Lagerstedt's photo

By: Stig Lagerstedt

Stig is VP of Hospitality Solutions for ASSA ABLOY Global Solutions and responsible for ensuring that company market strategies and innovation efforts align with customer needs. He is a member of our team for more than 20 years and recognized as an established expert in hospitality technology. Stig has played a central role in the acquiring of several company patents that have pushed industry security and operational efficiency abilities to new heights.

New call-to-action