Life in the New Social Media Age
I came to HITEC 2012 as a guest blogger.
So, it’s a bit ironic that I’ve experienced technical difficulties tweeting and blogging about technology the last couple days.
But after hearing Tuesday’s keynote address on hacking in the hospitality industry, I’m glad I had a notepad and pen in my conference bag.
Hacking expert Josh Klein shared the top common ways hackers can access data of unsuspecting travelers and properties:
- A flash drive is the easiest way to attack an institution. Everyone uses them. Vendors distribute them. People share them.
- A pony express is a device that looks like an ordinary power supply cord. But actually it supplies the hacker with data from surrounding unsecured wireless networks.
- Smart phones have all the tools a hacker needs – camera, Internet, social media, apps and more. And most smart phone users are not so smart in public places.
- Blending in as a guest or employee is simple. A hacker can walk in and walk out with any device or data.
From there, the hacker can easily access hotel guest’s personal data using Malware. Online data searches of public records and social media provide the necessary credential information. YouTube videos demonstrate how to physically break into rooms and how to steal property and data.
Hotels are the top destination for hackers. Hotels provide a large volume of valuable personal and financial data and have a steady stream of transient strangers. Key areas that are often overlooked include:
- Wireless networks – Provide guest access on a different network than hotel operations and point of sale systems.
- Electronic hardware (TV’s, HVAC, etc.) — Change default passwords from vendor to secure passwords.
- Business center – Secure equipment, network and any software provided to prevent malicious use and theft.
- Ballrooms – Secure Ethernet portals and any electronic equipment when not in use.
Josh’s main point for hospitality technologists was to be careful and stay safe. Key summary points for maintaining a safe and secure property were:
- Lockdown electronic hardware
- Encrypt your network connections
- Secure your guest services systems
- Educate your staff to create secure environment
- Check yourself regularly for breaches
Since this session, I definitely found myself paying extra attention at HITEC. Today, the person sitting next to me asked for the convention center wireless access ID. I replied “Oh, did you attend the hacker session on Tuesday?”
Christina Dzingala is a sustainability strategist specializing in management, technology and communications to transform organizations. You can reach her on LinkedIn or follow her on Twitter @CDzingala.
The content published in this section was provided by HITEC Guest Bloggers. The information is the view/opinions of the Guest Bloggers and not of HFTP, nor of any person or organization affiliated or doing business with HFTP.