4.

2 CRITICALLY ASSESS THE IMPORTANCE OF DATA PROTECTION TO THE

IMPLEMENTATION OF TECHNOLOGY IN THE TOURISM AND HOSPITALITY
INDUSTRY

Data protection is a mechanism to prevent theft, damage or misuse of confidential

data.

IMPORTANCE OF DATA PROTECTION IN TOURISM AND HOSPITALITY INDUSTRY:

RELIANCE ON PAYING BY CARD
- The hospitality industry's existence is such that cards are extremely reliable
for payment method. For a booking, shops and restaurants also need credit card details
and the final payment is often done using the same card. This dependency on card is
being used by cybercriminals to infiltrate point of sale (POS) malicious systems that
collect credit and debit card details by scrapping the records.
- Malware affecting POS systems may go unnoticed for months.

E-Tourism and Social Media Mriganga Barman

HIGH STAFF TURNOVER
- High turnover rates and low workforce diversity between different locations mean
that retaining well-trained teams is a real challenge.
-Minute negligence can mean access to sensitive data
- Hospitality industry includes a lot of seasonal work in which people can start or be
moved only after a few months.
-Training workers to securely collect and store private data are a vital part of data
protection.
-Well-trained personnel are also able to recognize efforts at social engineering and
understand the security requirements of an organization.
COMPLIANCE
- In the hospitality industry, data security threats go far beyond the prestige that a
hotel will hold when guest data is compromised. When handling the collection and
storing of personal data by companies, business and government regulators are
becoming stricter.
- In May 2018 the EU introduced the GDPR(General Data Protection Regulation) as a
key legislation aiming at reinstructing individuals in the control of personal data while
enforcing stricter rules on the protection of personal information by organizations
during any period of time.

E-Tourism and Social Media Mriganga Barman

INSIDER THREATS
- Such data risk is more subtle, and includes staff selling data to third parties without
the company's knowledge. In general, such insider threats come with data on
customers ' preferences and behaviour that hospitality companies can gather from
their website, to form data on booking systems and revisit data at multiple points of
contact. Such data might be valuable as they end up in the hands of people who know
how to use them to achieve a competitive edge.

WHAT IS PHISHING?
Phishing threats are the method of delivering malicious messages from a reliable
source. It usually happens via email. The intention is to capture confidential data,
such as credit card and login details, or to insert malware on the computer of the
victim.

PREVENTIVE MEASURES
-Two Factor Authentication Involves two identity authentication methods — which
you know (i.e. password) and something that you have (i.e. Smartphone).
-Email filters Using machine learning and language processing to mark highly
risky email. The DMARC("Domain-based Message Authentication, Reporting &
Conformance") framework can also eliminate phishing of email.
- Augmented password logins using personal photos, identity cues, protection skins
etc.
E-Tourism and Social Media Mriganga Barman
 PROTECTIVE MEASURES BY MARRIOTT TO PROTECT FROM CYBER THREATS

-No third party software is installed on guest computers by the Hotel. The mobile
application uses a data protection SANDBOX.
“A sandbox is a software that offers an additional safety layer which prevents malware
from damaging a device. It can store encrypted information if a client has no Wi-Fi
connectivity.”

- Marriott has collaborated with a security company to monitor and check the security
of its mobile app. It has also built suspicious activity detection software in its systems.

-A public bug bounty initiative has also been introduced with the HackerOne
technology organization that encourages ethical hackers to check their websites and
mobile applications for security issues.

- Cyber Safe Travel, operated by Strike Force Technologies, makes use of security
against login breaches and keystroke encryption. Tourists are especially prone to
hackers as they often sign up for Wi-Fi networks. Hackers can download spyware to
read anything they type on their devices to control their data.

E-Tourism and Social Media Mriganga Barman

 REFERENCES
SLIDE-1
What is Data Protection and Why is it Important? Definition from WhatIs.com. (2019,
August 21).
Retrieved from
https://searchdatabackup.techtarget.com/definition/data-protection
SLIDE-2-3
Wainstein, L. (n.d.). Data Security in Hospitality: Risks and Best Practices.
Retrieved from
https://hospitalityinsights.ehl.edu/data-security-in-hospitality-best-practices
SLIDE-3
What Is a Phishing Attack? Definition and Types. (n.d.).
Retrieved from
https://www.cisco.com/c/en_in/products/security/email-security/what-is-phish
ing.html
SLIDE-3
What is Phishing? (2019, October 30).
Retrieved from https://www.forcepoint.com/cyber-edu/phishing-attack
SLIDE-4
What Have Hotels Done on Cyber security Since the Marriott Hack? (2019, December
23).
Retrieved from
https://skift.com/2019/12/24/what-have-hotels-done-on-cybersecurity-since-th
e-marriott-hack/
E-Tourism and Social Media Mriganga Barman
Thank You!

E-Tourism and Social Media Mriganga Barman