Keeping security in check is vital for mobile POS usage

Oracle POS

This article is part three of a three-part series on mobile POS. Part one can be found here and part two can be found here.

Data security has to be in the forefront for any hotelier and technology provider in this day and age. By default, mobile devices are seen as less secure than their fixed counterparts, said Cristian Morosan, assistant professor at the University of Houston’s Conrad N. Hilton College. This is because of their predominantly radio-based character; their size, which makes them prone to misplacement or theft; and sometimes the high fragmentation of the device's operating system, which may create confusion in the proper usage, he continued.

“I think securing mobile [point-of-sale] systems should not be viewed as radically different than security a traditional fixed POS system,” Morosan said. “There are a number of challenges that are specific to mobile POS systems, such as making sure that the networks are secure, and the systems are designed to not acquire sensitive information and store them on the device. Other than that, common sense in utilization and a good organizational culture that cultivates information privacy and safeguards safety would increase the chances of a secure utilization of mobile POS systems.”

Greg Grant, senior director for Phoenix Managed Networks, warned that the security of mobile POS really depends on how a hotel is implementing it. “If done correctly, it can be more securely set up within the hotel’s systems,” he said. “But how a hotel is defining ‘mobile’ is really the key. Wi-Fi will touch the local network and a hacker could get to that data. Cellular is more secure because it doesn’t touch that local network and everything is encrypted.”

Grant suggested that hotels need to make sure their Wi-Fi system is segmented and isolated from all other Internet traffic. Every IP address is a potential breach point for a hacker because they can be compromised to get access to the main network. “Breaches are sharply on the rise in hospitality,” he said. “Mobile end points are often left wide open: default passwords, wrongly set up, not properly isolated. Hoteliers need to understand the complexities and reduce the scope of where critical information is.”

Nick Low, senior solution manager for Oracle, suggested that hotels invest in a good site survey, which would take into account Wi-Fi signals. “The kitchen, full of microwaves and heat lamps, and just large quantities of people in proximity can all interfere with the Wi-Fi signal,” he said. “A site survey will foresee these potential issues so hoteliers can prepare. It may be expensive to complete but it is worth it in the long run to offer the best possible service.”