Access your Pro+ Content below.
Security best practices in hotels
This article is part of the Information Security magazine issue of September 2009
Over the past year, I have read about multiple security breaches encountered by celebrities and business travelers at hotels and resorts around the globe. I have seen the research and assessments that try to gauge the hospitality industry's security posture. Most of the reports tend to label the industry as one of the worst with regard to information security. However, it's time to place accountability where it needs to be: with each of us. To better understand the security issues in the hospitality industry, we need to examine two distinct parts: the hotel network that processes payments, stores personal information about guests and conducts routine services as a part of everyday business, and the Internet connectivity offered as an amenity to guests. Hotel networks typically are made up of many different proprietary systems in order to offer services and track expenses for each guest. These systems also provide service continuity throughout different departments or areas of the hotel or resort. The goal is to provide an easy, ...
Access this PRO+ Content for Free!
Features in this issue
For the fourth consecutive year, Information Security readers voted to determine the best security products. A record 1721 voters participated this year, rating products in 17 different categories.
The demonstration of a hacking tool at Black Hat that allows attackers to escape from virtual machines to attack their guest OS elevates the seriousness of security threats to virtualization.
Encryption solves some very straight-forward problems but implementation isn't always easy. We'll explain some of the common misperceptions so you'll understand your options.
Columns in this issue
Accountability for Internet security should be placed on users, not service providers such as hotels.
Security experts Bruce Schneier and Marcus Ranum debate whether perfect access control is possible.
Passing an audit can lull an organization into a false sense of security.