How To Ensure Your Hotel Doesn’t Compromise Guest Data And Become The Victim Of Cybercriminals.

The most recent statistics from the ONS show that 3.2 million overseas tourist visited Scotland in 2017. Overall business travellers from the EU also increased. Research from Visit Scotland shows that the Millennial market generated 18 million nights in 2015.


Whichever way you look at it this suggests a huge number of people staying in hotels, B&Bs etc. almost all of whom are carrying at least one device (and probably more) that they will want to connect to the internet.


The problem this highlights is that hotel industry is one of the top sectors to suffer data breaches. For cyber criminals are a target as huge amounts of information can be held by hotels about their guests: name, address, passport details, car registration plates and credit card details to name but a few.


Once they have checked in, guests then connect to the WiFi network and are required to enter personal details. Where does this data get collected? Most Guest WiFi access has software that sits behind the access points and stores all this information. The repercussions, if a cybercriminal gains access to the backend, can be potentially catastrophic to an individual – and to the hotel.


With GDPR in force now, the hospitality sector must be sure to have this at the forefront of their minds. A boutique hotel potentially would not survive a fine should a breach occur.


So, what can hotels, big and small, do to protect their guests and themselves from the unpleasant attentions of hackers and cybercriminals?

  1. Ensure admin passwords are regularly changed on all IT appliances. This can be easily applied using network settings and tools such as Dashlane or LastPass. Regularly changing passwords dramatically reduces the opportunity for the network to be hacked, particularly when you add rules that make the passwords more complex than many people naturally want to make them.
  2. Ensure a policy is in place when clients do connect to the Hotel WiFi ensuring the client has to give consent to their personal data being collected – this is called the ‘Opt in’. GDPR is very clear on this. You have to give them the option to opt in, rather than the option to opt out.
  3. Separate your public and corporate WiFi. You don’t want a member of the public able to access data on your corporate network.
  4. Quarterly Firewall Penetration Tests, carried out by an independent cyber security specialist, will flag up any holes in your network and keep cyber criminals well and truly out.
  5. Look out for Sniffers. Not cute little puppies, these are hacking tools used to gain access and capture information that you send from your laptop/tablet/mobile. Most recently, they are also setting up WiFi networks that reach into the hotel. Guests think it is legitimate and connect to the ‘fake WiFi’.
  6. Social Engineering is becoming rife across all industries, including the hotel sector. Emails containing malware can easily infect networks. Some will pretend to be a senior director and ask for money to be sent elsewhere. Tools such as Mimecast will protect your network from such phishing emails. And Social Engineering training / Phishing Assessment and training is well worth considering.  Users are often thought of as the weakest link. Onsite employee classroom training, online courses and phishing simulations raise awareness, vastly improving how your users protect themselves online.


The responsibilities for hotels have increased significantly with the introduction of GDPR. Not only is there an ethical and social responsibility for you to protect data, there are also legal requirements. Of course, if done properly, the marketing benefits for the hotel are significant; guests who are confident that you are looking after their data, and providing a secure network experience with robust WiFi access, will return regularly. 


Follow the suggestions above and hotels in Scotland can demonstrate they are looking after their guests in every way.  It may mean future figures for tourist and business visitors bookings are even higher in years to come. 



Mike Ianiri colour.jpg

Mike Ianiri is Director of independent telecoms brokerage Equinox. Mike works with companies, charities and other organisations to help them choose the right telecoms packages for their needs and thereby reduce their costs. He is particularly knowledgeable on the integration of IT and telecoms in business.
Twitter: @CommsEquinox


Pet FriendlyThe Atholl ArmsDog Friendly
08 March 2019

Could This Be Scotland's Most Dog Friendly Hotel?

From dog-themed interior design, dog treats by the door and a personalised welcome pack to each dog, to dog charity dona…

Read More
EdinburghWaldorf AstoriaThe Caledoniannew restaurantbistromark greenaway
11 March 2019

Mark Greenaway’s Restaurant Will be at The Waldorf Astoria Edinburgh

The menu, which reflects the laid-back 'grazing' concept, will showcase a mix of traditional, modern and sharing plates,…

Read More
AyrshireTrump TurnberryExpansionRecruitment Drive
05 March 2019

Trump Turnberry Opens Its Doors For Drive To Fill 100 New Roles

A two-day recruitment drive will take place on Wednesday 13th March (10am-2pm) and Saturday 16th March (12pm – 4pm), aim…

Read More
EdinburghAwardInnovativeRestuarant with RoomsResponsible Employer21212
08 March 2019

Edinburgh Michelin Star Restaurant Named As One of UK’s Most Innovative Employers

21212 have been highlighted in the Employer Award category which celebrates individuals who are championing innovation i…

Read More

LuxuryStaywinterdine5 StarSpaOfferIsle of Eriska
27 January 2019

Isle Of Eriska: Winter Spa Break

Located on the west coast of Scotland, the island boasts gorgeous views overlooking Loch Linnhe and the dramatic Morvern…

Read More
LuxuryStaywinterdine5 StarGreywallsGolfOfferWest Lothian
24 January 2019

Greywalls: Winter Weekend 2 Night Package

Greywalls Hotel is uniquely situated on the edge of Muirfield championship golf course with stunning views over East Lot…

Read More
Luxurywinter5 StarGlencoe HouseHot Tub
25 January 2019

Glencoe House Winter “Hot Tub Suite” Offer

Who doesn’t want to sit in the hot tub on a crisp winter’s evening star gazing or sit beside a roaring wood burning stov…

Read More
LuxuryStaywinterdineInverness5 StarhighlandsRocpool Reservebreak
25 January 2019

Rocpool Reserve: Weekday Package

Rocpool Reserve will redefine the experience forever. It's about elegance, not exhibitionism.

Read More

If you need marketing support for your hotel or tourism business please visit our partners