We all remember the massive credit card breaches at well-known national retailers over the last few years. These breaches were a public relations, financial, and legal nightmare, resulting in millions of dollars in lost sales and possible long-term brand damage. From a hospitality point of view, simply hoping that your hotel won’t be affected is obviously not enough. You owe it to your guests, and your business, to be proactive and do what you can to be as secure as possible.
Re-Evaluating your PMS
A logical first place to look for security improvements is within your property management system (PMS). The PMS is the hub of front desk operations, and commonly stores a lot of important guest data. While thieves are obviously interested in credit card numbers, they are also often interested in personally identifiable information (PII) that could be used to steal someone’s identity. If you are still using a legacy on-premise PMS and haven’t migrated your PMS to the cloud yet, you may be taking on more risk than you might realize. Here’s why.
With a legacy on-premise PMS, all data is stored on a computer at your hotel. This computer may be located in a server closet, it may be in a manager’s office, or it may be tucked behind the front desk. No matter where you keep it at your hotel, access to the computer is likely not controlled very easily, and may unwittingly provide opportunities for hacking or theft of data, or even theft of the hardware itself.
But if you are using a cloud-based PMS, there is no sensitive data being stored at your hotel, and no sensitive data being stored on your computer equipment. Much of the responsibility for protecting the data shifts to your PMS vendor, allowing you to focus more of your attention to running your hotel. The top cloud-based PMS vendors take this responsibility very seriously, running their systems in sophisticated data centers with advanced security systems that are monitored 24/7 by highly- trained IT security professionals.
Hotels are intended to be warm, inviting places where guests feel welcome. Today’s cloud data center is just the opposite, typically having security guards, cameras, and other physical security measures in place to help prevent unauthorized physical access. When compared side by side, data centers are generally a much safer place to store sensitive data than your hotel’s server closet.
Taking it a Step Further
But the best PCI compliant cloud-based PMS vendors don’t just rely on physical security for their data; they will also invest in security measures that help protect their systems from being breached. The security measures help to prevent unauthorized files from being installed on their computer equipment, help ensure that their malware protections are current, and provide real-time monitoring of activity in their systems to help identify unusual behavior and potential threats to the system before they occur.
Sharing the Load
Finally, when it comes to cost, cloud-based PMS customers share common IT infrastructure, allowing vendors to charge each customer only a fraction of the total cost of implementing and maintaining security measures. In contrast, customers of on-premise PMS software don’t share any common infrastructure, so they can’t share in the costs of maintaining it.
By investing in the right cloud-based PMS now, you can help to minimize the possibility that your guests’ or your data will be breached one day—helping to protect your guests, your property, and your brand.