Keep data security on the front burner

Sometimes highly technical subjects, to the average layperson, are easy to gloss over and dismiss. If I can’t immediately process how something works, it’s easy to toss it on the backburner and move on to something more manageable.

Personal data, security breaches, Web-based hacking and payment card information are those kind of topics. But it’s important that we not overlook protecting personal data and instead focus on doing the most we can to keep it out of the wrong hands. It’s critically important for hotel owners, management companies, technology vendors and property-level staff to do all they can to keep guests’ data secure.

Trustwave’s report earlier this year that the hotel industry experienced the most security breaches of any other industry in 2009 should serve as a wake-up call. As a frequent traveler, the report got my attention and it’s something I think about each and every time I hand my credit card over to the front-desk clerk. As an editor, it jumped out as a topic that needs exploring; a problem that needs brought to the forefront.

It turns out there are many organizations taking action. The Payment Card Industry Security Standards Council has made its mission to ensure merchants and vendors comply with regulations that aim to keep hackers away from personal data files. The PCI SSC outlined a 12-step checklist that covers the basics of protection. Visa has adopted the 12 steps of compliance and is mandating its merchants comply with them by July 1; other credit card brands have similar deadlines. There is no PCI Police—Visa won’t be sending an inspector door to door to make sure your hotel is compliant—but if your property is breached and it turns out you didn’t take the necessary steps, the financial implications alone will be crippling.

Some of the steps are extensive; the best protection from hackers will require proactive financial investments. Point-of-sale systems should run on a dedicated server, for instance. But some precautions are simple steps we take at home on our personal desktops: tips like changing your passwords frequently, updating anti-virus software regularly, restricting unnecessary access to credit card data files and simply taking the time to learn every portal through which a guests’ credit card information passes in your system.

The mountain of information and available data, as well as the importance of safety and security, led Hotel & Motel Management to create a weeklong series on PCI compliance. With the series that will run throughout this week, we hope to help you create a more data-secure environment at your hotel as well as comply with Visa’s standards in time for the looming deadline. We enlisted the help of some of the best security experts as well as technology vendors who have been through the PCI SSC assessment process. The week will culminate with a free Live Chat at 2 p.m. ET Friday, where experts will be available to answer your questions on how you can better guard guest data and become PCI compliant. More information on the Live Chat is available here.