Hospitality Mobile Technology and IoT Create New Hotel Data Security Needs

Connected living is quickly becoming a reality. Nearly every aspect of our lives involves devices of some sort. The number of new connected devices is expected to surge by 30 percent from last year to 6.4 billion as part of the rising Internet of Things trend, per Gartner.

The expansion of the hotel technology trend certainly correlates to this, as the hospitality industry looks to accommodate guests’ digital expectations through various forms of innovation such as hotel room tablets, mobile key, and hotel apps. Increase of hospitality technology has also grown the need to consider security and privacy standards when it comes to sensitive hotel and guest data.

“IoT is all about making the things in your life smarter,” said Cameron Coursey, AT&T Vice President, Product Development. “Security is paramount to something that touches and influences our lives as deeply as IoT.”

With the cost of a single data breach reported to be over $6 million ($204 per data record), implementing sound hotel data security policies is crucial.

A single data breach can cost over $6 million.

Hundreds of hotels have been impacted by a data breach caused by malware attacks or cybercriminal activity, primarily against point-of-sale and payment processing systems. At the end of 2015, three major hotel industry companies announced breaches within only 34 days. Despite how extreme this sounds, hotel companies only represented 6 percent of total companies reporting hacking or malware breaches on POS systems last year.

The business of protecting customer data and enabling sufficient hotel data security measures can be complex, especially with regulations coming from different sources. The Payment Card Industry Data Security Standard (PCI DSS) is the most widely recognized by the hospitality industry and PCI compliance is a first step toward securing guest data.

The government also plays a role in the issue. Nearly all of the individual 50 states have varying laws regarding data breach and appropriate incident responses, which makes it even more difficult for a hotel to manage communication regarding security issues with travelers of different origin.

The GSM Association, a group representing the interests of global mobile operators and organizer of the largest annual event in the mobile industry, the GSMA Mobile World Congress, released new security guidelines addressing IoT earlier this year.

The guidelines mark a unified effort by the entire IoT industry to educate, reinforce and simplify security as connectivity moves forward to encompass more items around us. They will certainly have an impact on the hotel Internet of Things as device manufacturers and hotel technology vendors collaborate to adhere.

“As billions of devices become connected in the Internet of Things, offering innovative and interconnected new services, the possibility of potential vulnerabilities increases,” said Alex Sinclair, Chief Technology Officer, GSMA. “These can be overcome if the end-to-end security of an IoT service is carefully considered by the service provider when designing their service and appropriate mitigating technology is deployed.”