Given the recent revelation regarding InterContinental Hotel Group and the breach of 1,200 of its locations, it’s time for the hospitality industry to follow suit and conduct a top to bottom review of their security defenses.
Hotels have always been attractive targets for cyber thieves. Payment card data is used throughout each hotel location, with most having multiple PoS terminals. Not to mention that card details are shared with the hotel through the booking process, giving cyber criminals multiple points of entry for an attack.
Say in the instance of a malware attack, even if an independently owned franchise is hit, that does not necessarily mean that the malware would be limited to just that location. Many franchises today have direct access to the parent corporation’s systems and any malware picked up locally can spread to regional, national, or event international locations.
A layered approach to security is the best approach to securing sensitive payment card data. Starting with a managed firewall to block dangerous traffic from coming into the network and protecting sensitive data from being infiltrated, coupled with real time File Integrity Monitoring and System Hardening will help defend against a Point-of-Sale breach. The PCI DSS recommend both these solutions to adequately protect systems, but too few retailers operate these requirements sufficiently well.
NNT is one of a handful of CIS Certified Vendors, the industry’s authoritative source for secure configuration guidance. With our flagship solution Change Tracker Gen7, you’re provided with CIS Hardening reports built-in at no extra cost.
The Center for Internet Security is the primarily recognized industry standard for secure configuration guidance, developing comprehensive, consensus-derived checklists to help identify and mitigate known security vulnerabilities across a wide range of platforms.
Read this article on SCMagazine