How To Ensure Your Hotel Doesn’t Compromise Guest Data And Become The Victim Of Cybercriminals.

The most recent statistics from the ONS show that 3.2 million overseas tourist visited Scotland in 2017. Overall business travellers from the EU also increased. Research from Visit Scotland shows that the Millennial market generated 18 million nights in 2015.


Whichever way you look at it this suggests a huge number of people staying in hotels, B&Bs etc. almost all of whom are carrying at least one device (and probably more) that they will want to connect to the internet.


The problem this highlights is that hotel industry is one of the top sectors to suffer data breaches. For cyber criminals are a target as huge amounts of information can be held by hotels about their guests: name, address, passport details, car registration plates and credit card details to name but a few.


Once they have checked in, guests then connect to the WiFi network and are required to enter personal details. Where does this data get collected? Most Guest WiFi access has software that sits behind the access points and stores all this information. The repercussions, if a cybercriminal gains access to the backend, can be potentially catastrophic to an individual – and to the hotel.


With GDPR in force now, the hospitality sector must be sure to have this at the forefront of their minds. A boutique hotel potentially would not survive a fine should a breach occur.


So, what can hotels, big and small, do to protect their guests and themselves from the unpleasant attentions of hackers and cybercriminals?

  1. Ensure admin passwords are regularly changed on all IT appliances. This can be easily applied using network settings and tools such as Dashlane or LastPass. Regularly changing passwords dramatically reduces the opportunity for the network to be hacked, particularly when you add rules that make the passwords more complex than many people naturally want to make them.
  2. Ensure a policy is in place when clients do connect to the Hotel WiFi ensuring the client has to give consent to their personal data being collected – this is called the ‘Opt in’. GDPR is very clear on this. You have to give them the option to opt in, rather than the option to opt out.
  3. Separate your public and corporate WiFi. You don’t want a member of the public able to access data on your corporate network.
  4. Quarterly Firewall Penetration Tests, carried out by an independent cyber security specialist, will flag up any holes in your network and keep cyber criminals well and truly out.
  5. Look out for Sniffers. Not cute little puppies, these are hacking tools used to gain access and capture information that you send from your laptop/tablet/mobile. Most recently, they are also setting up WiFi networks that reach into the hotel. Guests think it is legitimate and connect to the ‘fake WiFi’.
  6. Social Engineering is becoming rife across all industries, including the hotel sector. Emails containing malware can easily infect networks. Some will pretend to be a senior director and ask for money to be sent elsewhere. Tools such as Mimecast will protect your network from such phishing emails. And Social Engineering training / Phishing Assessment and training is well worth considering.  Users are often thought of as the weakest link. Onsite employee classroom training, online courses and phishing simulations raise awareness, vastly improving how your users protect themselves online.


The responsibilities for hotels have increased significantly with the introduction of GDPR. Not only is there an ethical and social responsibility for you to protect data, there are also legal requirements. Of course, if done properly, the marketing benefits for the hotel are significant; guests who are confident that you are looking after their data, and providing a secure network experience with robust WiFi access, will return regularly. 


Follow the suggestions above and hotels in Scotland can demonstrate they are looking after their guests in every way.  It may mean future figures for tourist and business visitors bookings are even higher in years to come. 



Mike Ianiri colour.jpg

Mike Ianiri is Director of independent telecoms brokerage Equinox. Mike works with companies, charities and other organisations to help them choose the right telecoms packages for their needs and thereby reduce their costs. He is particularly knowledgeable on the integration of IT and telecoms in business.
Twitter: @CommsEquinox


scottish hotel awardsawards
16 January 2019

The Winners: The Scottish Hotel Awards 2019, Highlands, Islands & North East

Today's awards were presented to the winners of the Highlands, Islands & North East regions, all the winners now go forw…

Read More
SaleaberdeenshireNorth EastBeach
20 January 2019

Balmedie's White horse Inn Set For Sale

A high-profile North East hotel well known for its beach-themed interior design and prominent location, the White Horse …

Read More
06 January 2019

Hampton by Hilton Lands at Scotland’s Busiest Airport

Last December, Edinburgh officially welcomed its second Hampton by Hilton property, Hilton’s global value hotel brand, c…

Read More
RefurbishmentBest WesternBordersDumfriesLockerbieGalloway
11 January 2019

Dumfries And Galloway Hotel Joins Global Hotel Brand To Drive Tourism

The property is located on the outskirts of Lockerbie, a little over an hour from the vibrant cities of Glasgow and Edin…

Read More

21 January 2019

Greenkeeper- Seasonal: Gleneagles

Gleneagles, an iconic country estate set beneath the beautiful Ochill Hills in Perthshire is current recruiting Greenkee…

Read More

LuxuryStaydine5 StarCromlixPerthshireOfferDunblaneChez Roux
06 December 2018

Cromlix Hotel: 2 Night Suite Package

Situated in beautiful countryside, just three miles from Dunblane, Cromlix is set in 34 acres of secluded woodlands and …

Read More
EdinburghGinSheraton GrandGinnasium
03 December 2018

The Sheraton Grand Edinburgh's Ginnasium

One Square, the modern Scottish restaurant and bar on Edinburgh’s Festival Square, will launch a series of gin tasting m…

Read More
GlasgowLuxuryStaydineCrossbasket Castle5 StarOfferBlantyre
04 December 2018

Crossbasket Castle: Winter Offer

Steeped in history, Crossbasket Castle has many unique period features which have been restored to their original beauty…

Read More
LuxuryStaywinterdine5 StarSpaOfferIsle of Eriska
06 December 2018

Isle Of Eriska: Winter Spa Break

Located on the west coast of Scotland, the island boasts gorgeous views overlooking Loch Linnhe and the dramatic Morvern…

Read More

If you need marketing support for your hotel or tourism business please visit our partners