Category Archives: Privacy

by | November 1, 2011 · 4:53 am

Hospitality Industry Employee Risks: Hotel Management Company Files Suit Against Two Former Employees And Employer Claiming "Theft Of Confidential Documents"

 “…Hersha Hospitality Management LP has filed suit against two former employees and their new employer, claiming the former employees allegedly could have stole thousands of confidential documents before leaving to take their new jobs…”

 In a 17 October filing in U.S. District Court, Hersha said the employees engaged in a “web of deception” in their final days at Hersha before leaving for positions at The Procaccianti Group, a private real-estate investment company. Before leaving, Hersha said in the filing, the two recruited two other key Hersha employees to also leave. The two denied recruiting the other executives, Hersha said in the filing.

By way of a computer forensic examination, Hersha also found the two former employees potentially stole “thousands” of sensitive computer files. “(Hersha) is now faced with the real possibility that its direct competitor, TPG, could have access to its most important competitive secrets and strategies,” Hersha officials wrote in the filing. “Upon information and belief, TPG encouraged this conduct by offering the former (Hersha) employees substantial raises in a blatant effort to harm (Hersha) by raiding its top managers and by inducing them to commit wrongs.”

 

A call to TPG president and CEO James A. Procaccianti was returned by the company’s director of communications Ralph Izzi, who said it is TPG’s policy to not comment on pending litigation. A Message left by HotelNewsNow.com with Hersha president and CEO Naveen P. Kakarla was not returned by deadline Friday.

 

For more:  http://www.hospitalitynet.org/external/4053560.html

 

2 Comments

Filed under Crime, Labor Issues, Liability, Management And Ownership, Privacy, Risk Management, Technology, Theft

Tagged as , , ,

by | October 28, 2011 · 5:41 am

Hospitality Industry Cyber Crime: Washington Hotel Room Used By "Identity Theft" Ring Exposed By Credit Card Company Alerting Card Owner Of Hotel Room Booked At Hotel

“…The man’s credit-card company had alerted him that someone using his card had booked a room there…”

“…Police say the search turned up cell phones, lap top computers, computer hard drives, iPod touches, electronic storage devices, magnetic card readers, routers, hotspots and computer peripherals…”

Police have arrested two men and say a search has turned up evidence that there may be more victims of identity theft. Police say they have yet to determine how many vicitms there might be.

Just after noon on Tuesday, East Precinct patrol officers met a man in the lobby of the Silver Cloud Hotel in the 1100 block of Broadway. Officers went to the room and found two men.

In the room, they saw several cell phones, laptops, a WiFi hotspot, router and papers with credit-card numbers.

Detectives with the fraud, forgery and financial explotation unit got a warrant to search the room and the suspects’ vehicle.

For more:  http://www.seattlepi.com/local/article/Seattle-cops-may-have-busted-identity-theft-ring-2239352.php

Comments Off on Hospitality Industry Cyber Crime: Washington Hotel Room Used By "Identity Theft" Ring Exposed By Credit Card Company Alerting Card Owner Of Hotel Room Booked At Hotel

Filed under Crime, Guest Issues, Management And Ownership, Privacy, Risk Management, Technology, Theft

Tagged as , , , ,

by | October 20, 2011 · 7:13 pm

Hospitality Industry Guest Room Security: "Mobile Phone Master Key ByPass" Technology Allows Instant "Neutralizing" Of Lost Or Stolen Master Keys

“…when a master key is lost or stolen, each and every lock must be manually re-programmed to ensure that anyone finding the master key cannot open every door in the hotel…”

 Hotel managers have long experienced the logistical and costly hurdles of having to manage the loss of staff master key cards. With the uptake of Mobile Key by OpenWays – the industry’s first and only ubiquitous mobile phone guest front desk bypass method allowing the unlocking of guestroom doors – hoteliers have been quick to realize the additional opportunity to help mobilize their workforce. As a result, OpenWays announces the launch of Mobile Master Key.

Appropriate administration of master keys is critically important for the safe and secure management of any hotel.

With OpenWays Mobile Master Key, neutralizing a lost or stolen master key happens simply with the push of a button. There are no locks to walk to and reprogram. It’s a highly secure and easy process. Since reporting the loss now has limited consequences, staff members are more inclined to immediately report a loss vs. trying to find their plastic card for hours before eventually reporting the loss to hotel security.”

For more: http://www.hospitalitynet.org/news/154000320/4053444.html

Comments Off on Hospitality Industry Guest Room Security: "Mobile Phone Master Key ByPass" Technology Allows Instant "Neutralizing" Of Lost Or Stolen Master Keys

Filed under Guest Issues, Labor Issues, Liability, Maintenance, Management And Ownership, Privacy, Risk Management, Technology

Tagged as , , ,

by | October 19, 2011 · 8:20 am

Hospitality Industry Social Media Risks: Hotel Management Must Asses Legal Risks Related To All Advertising Media Including Trademarks, Copyrights, Privacy And Data Security

“…from a risk-management and legal perspective, social media public relations, marketing and advertising efforts frequently present legal risks that are not always fully appreciated either by managers and directors, or those charged at the operations level with implementing the plans…”

The potential legal risks are wide-ranging and cover areas such as trademarks and copyrights, rights of publicity and privacy, data security, labor and employment issues, and the like. They also include compliance with the rules and regulations of state and federal agencies, such as the Federal Trade Commission.

  •  The potential legal risks are wide-ranging and cover areas such as trademarks and copyrights, rights of publicity and privacy, data security, labor and employment issues, and the like.
  • There is no reason not to proactively review the avenues of social media and begin the process of developing guidelines to mitigate risk. 
  • Fundamentally, a significant number of arising issues are no different than they are in traditional advertising mediums and require nothing more than policy tweaking.

For more: http://www.hotelnewsnow.com/Articles.aspx/6715/How-to-manage-legal-risks-of-social-media

2 Comments

Filed under Guest Issues, Insurance, Labor Issues, Liability, Management And Ownership, Privacy, Risk Management, Technology, Training

Tagged as , , , ,

by | October 14, 2011 · 6:15 am

Hospitality Industry Guest Information Risks: Hotels Are Collecting More Personal Information On Guests And Protecting "Personally Identifiable Information" Is Top Priority

“…ensuring the security of this data is so important that it’s consuming hotel IT departments’ attention right now, said Josh Weiss, Hilton Worldwide’s VP of brand and guest technology…”

 “…The stakes involved in protecting “personally identifiable information” (data that can be used to uniquely identify, contact or locate a single person) are far higher with this personal information than with credit-card information…”

As hotels collect more personal information about guests and the Epsilon and Sony data breaches earlier this year shook people’s confidence in corporate data protection, hotel guests are increasingly asking hotels how well they’re securing their personal information, Mark McBeth, Starwood Hotels’ VP of information technology, said during a recent conference.

IT execs from Starwood and also Hilton and owner/operator White Lodging said they’re responding by making guest-data security their No. 1 priority. “PII is considered high-risk because if there were to be a breach, you’re exposing the guest’s identity,” he said. “It paints some pretty scary pictures.”

A “PII” breach could potentially lead to child abduction or a murder if information falls into the wrong hands, he said.

For more:  http://travel.usatoday.com/hotels/post/2011/10/starwood-hilton-work-to-protect-personally-identifiable-information/553616/1

Comments Off on Hospitality Industry Guest Information Risks: Hotels Are Collecting More Personal Information On Guests And Protecting "Personally Identifiable Information" Is Top Priority

Filed under Crime, Guest Issues, Insurance, Maintenance, Management And Ownership, Privacy, Risk Management, Technology, Theft

Tagged as , , ,

by | October 11, 2011 · 10:22 am

Hospitality Industry Employee Application Risks: Video News Report Of South Carolina Hotel That Fired Employee After Police Inquired About "Identification Records"

[youtube=http://www.youtube.com/watch?v=2hGgQUS45LQ]

South Carolina Hotel fired an employee after 15 months when she could not produce required identification.

 

Comments Off on Hospitality Industry Employee Application Risks: Video News Report Of South Carolina Hotel That Fired Employee After Police Inquired About "Identification Records"

Filed under Labor Issues, Liability, Maintenance, Management And Ownership, Privacy, Risk Management, Training

Tagged as , , , ,

by | September 29, 2011 · 6:09 am

Hospitality Industry Information Security: Major Hotels Move Closer To "Secure Payments Framework" That Will Protect Guest Credit Card Data Through "Tokenization"

 “Every major hotel company is working to get as many of their systems as possible out of the scope of the Payment Card Industry Data Security Standards (PCI-DSS)…Most of these companies have focused on solutions based on tokenization, and many have implemented them or are in the process of doing so.”

Tokenization is a process whereby sensitive card data is stored in a single secure location, which may be operated by a hotel brand, a payment gateway or another third party, and replaced in hotel systems by substitute “tokens.”  The tokens can be used to complete the transaction, but are useless if intercepted electronically by a thief. 

Top hotel security executives met several times to discuss this problem as the HTNG Secure Payments Framework effort took shape during August and early September.  Early discussions indicated a broad agreement that a single industry framework is needed, and that the framework needs to work with existing security approaches in place at major hotel companies and in commonly used systems.  There was also agreement on the key elements needed for the industry framework.  The group intends to document this framework conceptually in a white paper that will form the basis for subsequent standards development.

  This new effort will leverage hotel companies’ prior investment in tokenization efforts, adding a layer of security that will enable those solutions to be extended to unrelated parties that may be involved in transactions, such as online travel agencies, global distribution systems, switches, channel management systems, central reservation systems, management companies, independent hotels, payment gateways, swipe devices, and other parties.  “The approach is intended to enable the tokenization of card data by the first system that touches the reservation,” said Rice.  “The sensitive data will remain stored in a secure vault, and all of the other systems will simply pass along the token in place of the credit card.  The hotel itself can then submit the token to its token provider or gateway to complete the card transaction.  The card data itself need never touch a hotel system.”

For more:  http://www.hotelnewsresource.com/article58324.html

Comments Off on Hospitality Industry Information Security: Major Hotels Move Closer To "Secure Payments Framework" That Will Protect Guest Credit Card Data Through "Tokenization"

Filed under Guest Issues, Liability, Maintenance, Management And Ownership, Privacy, Risk Management, Technology

Tagged as , , , ,

by | September 19, 2011 · 5:58 am

Hospitality Industry Guest Security Risks: Hotels Must "Reset Factory Codes" On Hotel Safes To Prevent Unauthorized Opening Using "000000"

“…Being able to unlock a hotel safe by entering in all zeros, he said, is pure ‘negligence on the hotel’s part’…. every safe has a factory code, whether it is all zeros or all ones, and it is each hotel’s responsibility to reset this factory code when they take the safe out of the box…”

The hotel safe you use to stash your passport, laptop and other valuables might have a major security flaw, according to a traveler’s YouTube.com video highlighted by Web tracker DailyDot.com.

In his video headlined, “Don’t Trust Your Hotel Room Safe,” traveler “skyrangerpro” shows himself unlocking his hotel room’s safe by entering all zeros.

He was given the “000000” security code by the front desk when he told them he’d forgotten the password he’d previously chosen.

For more:  http://travel.usatoday.com/hotels/post/2011/09/hotel-safe-youtubecom-video-questions-safety/547821/1

Comments Off on Hospitality Industry Guest Security Risks: Hotels Must "Reset Factory Codes" On Hotel Safes To Prevent Unauthorized Opening Using "000000"

Filed under Guest Issues, Liability, Maintenance, Management And Ownership, Privacy, Technology, Theft, Training

Tagged as , , ,

by | September 15, 2011 · 10:17 am

Hospitality Industry Cybercrime Risks: Hotel Management Should Have Policies "Disclosing Risks Of Hotel Computer And Wireless Internet Usage"

“…According to a report from antivirus software manufacturer Norton, global cybercrime has claimed 431 million adult victims in the past year, costing countries $114 billion in direct financial losses. That figure jumps to $388 billion when you factor in the value that victims place on the time they spent recouping the losses…”

Last year, in the U.S. specifically, more than 74 million people were victims of some form of cybercrime, leading to $32 billion in direct financial losses.

  • Recognize that your smartphone is really a pocket-size computer and is prone to the same types of attacks directed at your laptop and desktop. Take steps to protect it, such as keeping your operating system current and creating a strong password.
  • Keep your personal information to yourself. For instance, don’t put your entire birth date, including the year, on Facebook. Think about the security questions normally posed by your bank and other secure locations: “first school you attended,” “name of favorite pet” and the like. Are your answers on display online?
  • Know the pitfalls of public Wi-Fi. CreditCards.com says, “Avoid public wireless Internet connections unless you have beefed-up security protection.”
  • Beware of public computers, too. For instance, Kiplinger says, “Don’t access your accounts or personal information on public hotel computers, which could have software that logs keystrokes and records your passwords and account numbers.”
  • Use credit cards, rather than debit cards, when making purchases online. In case of fraud, you’ll get much better protection from liability with a credit card.

For more:  http://money.msn.com/identity-theft/article.aspx?post=6730f6ce-5203-4b59-bd46-f65a7a3545c2

Comments Off on Hospitality Industry Cybercrime Risks: Hotel Management Should Have Policies "Disclosing Risks Of Hotel Computer And Wireless Internet Usage"

Filed under Guest Issues, Liability, Management And Ownership, Privacy, Risk Management, Technology, Theft

Tagged as , , , ,

by | September 13, 2011 · 10:49 am

Hospitality Industry Information Security Risks: Senate Introduces "Personal Data Protection And Breach Accountability Act Of 2011" Forcing Companies To Secure Personal Data

“…Introduced by Sen. Richard Blumenthal (D-Conn.), the Personal Data Protection and Breach Accountability Act of 2011 would force companies that hold online information for more than 10,000 people to follow strict guidelines to ensure the data is stored correctly…”

The U.S. Senate will consider a bill aimed at protecting citizens’ personal information from online data theft, and penalizing companies that don’t adequately store and safeguard their customers’ personal information.

The bill would impose fines on companies who don’t follow the guidelines and leave customer data open to compromise, and open the door for customers to sue companies that don’t adequately protect their data.

Blumenthal’s bill would put the U.S. government in line with states such as Massachusetts, which has legislation that fines companies that improperly protect residents’ digital data.

For more:  http://www.msnbc.msn.com/id/44491737/

Comments Off on Hospitality Industry Information Security Risks: Senate Introduces "Personal Data Protection And Breach Accountability Act Of 2011" Forcing Companies To Secure Personal Data

Filed under Crime, Guest Issues, Insurance, Legislation, Liability, Management And Ownership, Privacy, Risk Management, Technology, Theft

Tagged as , , , ,