With data breaches making big headlines over the past year, the threat of stolen data remains real for individuals and the hotels they share their consumer information with. In fact, 42% of hoteliers identify “creating a secure framework for all guest data” within their hotel PMS data security plan as a top hospitality technology goal for 2014, according to a recent Lodging Technology study conducted by Hospitality Technology.
While hotels can’t necessarily escape data security threats in today’s fast-moving, digitally charged environment, there are three key areas to be assessed in order to help minimize the risks for themselves and their hotel guests:
Technology: Have faith in the cloud
The good news is that technologies are continually evolving in order to help hoteliers and guests address their hotel data security risks and concerns. With so many touchpoints for guest contact and the sharing of personal information, today’s cloud-based hotel PMS systems offer much more protection than their traditional legacy, on-premise counterparts. The cloud service model allows for tighter control over access points between the consumer and service provider and reduces the worries associated with on-premise equipment and data vulnerabilities. SkyTouch Technology’s Hotel OS® (cloud hotel PMS) utilizes the Software as a Service (SaaS) model, where, as the service provider, SkyTouch manages the application, platform, and infrastructure components on behalf of the customer. This includes 24/7/365 monitoring and maintaining compliance with PCI, PII and other pressing industry-specific security requirements.
Training: educate staff to reduce risks
Even with a best-of-bread cloud-based hotel PMS in place, hotels of all sizes must recognize that another key to security and data protection lies in great training. An alarming number of hotel data breaches occur simply because of something completely preventable — employee negligence. Training staff properly on data security policies and procedures will not only keep hotels out of the headlines, it can pay immediate dividends. However, it’s critical that employees at every level handling data receive this training — just think about all of the online touchpoints as customer information traverses the entire network! Hotels that periodically impress a combination of administrative, physical, and technical controls upon their employees to create a culture of privacy will greatly minimize their risks.
Communication: be transparent with guests
Think for a moment. Do you actively communicate with guests or simply “disclose” information to them? There’s a difference when it comes to the issue of data security. Guests may not read the pages of text that pop up when they agree to the WiFi access login, but they may be more likely to listen to a brief verbal “heads up” about security access during check-in. Let’s face it… with the advent of big data, hotels will have a harder time “hiding” things in the fine print. Learning to be transparent with customers about how they use their information will be critical in the long-term and in preventing future conflicts.
Hotel data security in today’s digital age goes far beyond maintaining PCI compliance. Hoteliers must not be lulled into a false “short-term” sense of security. Instead, they can take measures to protect their guests, and their cloud hotel PMS data, by assessing and addressing the above areas that are key to long term well-being and success.