The hospitality industry has recently suffered from a number of information security breaches, including many high profile companies such as Hard Rock and Marriot Hotel groups. More concerning is the length of time it took to discover and deal with the breaches, taking 7 months in the case of Hard Rock Hotels and Casinos.
Data protection requirements for the hospitality sector
Many businesses are working towards storing the majority of their data virtually and the hospitality sector is no exception. Although this could arguably increase their vulnerability to system breaches, it can also give them a greater range of high availability options to limit downtime. The nature of the hospitality industry means that a large amount of sensitive data belonging to both staff and guests is being held at a single time, including names, addresses, contact details, credit card and financial details, so it is vital to have compliant IT systems in place which will work towards preventing unauthorised access.
Managing security risks
Managing security risks is vital for the hospitality sector, which can face legal action if a breach occurs. If sensitive information is accessed by those who are unauthorised it can result in huge financial implications to the company, as well as long-term damage to their brand and reputation. Your clients will expect your IT systems to be fool proof to protect their data in the case of any attempted breaches. Since the consequences of failing to do so could have such a large impact, it is important to ensure that your infrastructure keeps data safe and secure.
Protecting your clients from security breaches
Protecting your clients from security breaches can be a time-consuming and ongoing process. The most effective way to prevent downtime is by creating a detailed disaster recovery plan. This encompasses many elements from designating responsibility to individuals, as well as backing up data and processes to follow in the event of any attempted data breaches.
IT resellers don’t always have the time or resources to support their clients with disaster planning. Outsourcing these services as white-labelled extensions of your business can be a great way to provide support and expertise to your clients throughout their entire planning and implementation process. This ensures that they receive expert advice and support and allows your own staff to focus on their own strengths.
Ongoing maintenance and support
Providing a review and report to your clients can actually result in organisations actively developing and formalising an Information Security Management System (ISMS), driven and supported by the board and in the context of their specific organisation. This allows you as their IT supplier to continue supporting them whilst monitoring their security processes to keep their data safe and confidential.
Marathon has experience increasing security for the hospitality sector
Using Marathon’s template to benchmark an organisation’s Information Security posture helps senior management and IT in a number of ways. Firstly the review will focus on where the highest risks and weakest points currently exist. Secondly, for senior and board level executives the report is detailed and provides insight that they may otherwise have missed. It can be a wakeup call that drives their desire to manage their information assets in a more secure environment.