500 Million Reasons to Secure Your System
When Marriott International purchased Starwood Hotel & Resorts for $13.6 billion, they didn’t realize the price tag would include the largest hospitality data breach in the world.
Shortly after the deal was announced, Starwood disclosed that their reservation system had allowed unauthorized access for the past four years. And last month it was revealed that the data on 500 million guests was exposed – including passport numbers, travel history details, loyalty program data, and encrypted credit card data.
It’s too early to tell the effect this breach will have on the Marriott brand as a whole, but customers are never happy to discover their data – especially their financial or identity data – has been exposed.
Reservation systems for international hotel chains are necessarily complex behemoths. But even if your company is small, a data breach can be equally if not more damaging. With the never-ending flow of data breach announcements, consumers almost expect large retailers or hospitality chains to experience a breach. If you’re running a more intimate, personal business, where you have built a true connection to your customers or clients – a breach is going to be far more disturbing to them.
Things You Can Do To Limit Your Company’s Exposure
Use Chip Readers - One reason hotels are especially vulnerable is because many still use swipe credit cards rather than chip readers. Implement chip readers as soon as possible if you are taking customer credit card data.
Be proactive - Cyber-security expert Brian Krebs noted that, “The only way a company the size of Marriott can have a breach this big, for this long, is that nobody’s looking for it.” You must be proactive with your data. Be sure your IT team is “looking for it” – keeping a vigilant watch for any aberrations and taking cyber security seriously. Invest in common sense security and listen when your IT professionals raise red flags.
Think Long Term - Remember, cyber breaches are not readily apparent. The Starwood breach was four years in the making, and most others are not announced for many months. The initial discovery may be many months after the corruption occurs, and then the situation must be investigated to determine if any breach actually occurred – and if so, to what extent.
What should you do in response to the Starwood breach?
Keep a close watch on all of your credit card data – for yourself and any employees who might carry your corporate card. Make sure passwords, especially for any program that might include or expose credit card data (this would include virtually any retail or hospitality loyalty program), are changed frequently.
Take your company’s cyber-security seriously. If you are concerned that your current CRM may not be secure enough, take a moment to jump on my calendar, https://meetme.so/MarshallKnapp. I’m happy to offer you a complimentary 30 minute Discovery Session – let’s get to the bottom of your concerns and make sure you aren’t the next victim or perpetrator of a data breach.