Category Archives: Technology

by | May 10, 2012 · 7:00 am

Hospitality Industry Technology Risks: Hotel Internet Connections Pose New Risks For "Malicious Software" Infecting Guest's Computers

The FBI said typically travelers attempting to set up a hotel room Internet connection were presented with a pop-up window notifying the user to update a widely used software product. If the user clicked to accept and install the update, malicious software was installed on the laptop. The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available.

The FBI today warned travelers there has been an uptick in malicious software infecting laptops and other devices linked to hotel Internet connections.

The FBI wasn’t specific about any particular hotel chain, nor the software involved but stated: “Recent analysis from the FBI and other government agencies demonstrates that malicious actors are targeting travelers abroad through pop-up windows while they are establishing an Internet connection in their hotel rooms.

The FBI also recommends that travelers perform software updates on laptops immediately before traveling, and that they download software updates directly from the software vendor’s website if updates are necessary while abroad.”

For more:  http://www.itworld.com/security/276162/fbi-issues-warning-hotel-internet-connections

2 Comments

Filed under Guest Issues, Maintenance, Management And Ownership, Privacy, Risk Management, Technology

Tagged as , , , , , , ,

by | May 8, 2012 · 7:04 am

Hospitality Industry Legal Risks: "Americans With Disabilities Act" (ADA) "Website Accessibility" Lawsuits Will Force Hotels To Update Websites To Service Disabled Guests

“…Charles Schwab… announced last week that they settled a year-long claim by a blind customer that its website was inaccessible to blind, low vision and cognitively challenged customers….”

 Not only does your website need to comply with the substantive requirements for listing hotel accessible features, for example, but the website itself needs to be accessible to disabled customers.

You need to ask yourself some questions. For example:

  • What standards of accessibility is your website hosting?
  • How do you measure website compliance?
  • How often do you audit your website for ADA compliance?

Charles Schwab joins a list of 15 prominent companies which have settled website accessibility complaints. Charles Schwab agreed that it will make its website more accessible and inclusive for all customers, and agreed to implement the Web Content Accessibility Guidelines (WCAG) Version 2.0 Level AA which will make its website navigable by disabled customers.

An informal complaint backed by the threat of litigation and administrative investigations was lodged with Charles Schwab by the lawyer for a blind day trader. The claimant was a long-time Schwab customer and herself a computer programmer. One morning, she found that she could no longer navigate the Schwab website using JAWS software and was prevented from making trades on-line. The

The Department of Justice (DOJ) has not approved and adopted any formal standards for website accessibility and recently withdrew its Notice of Proposed Rule Making for web access standards. The Web Accessibility Initiative (WAI) has been working for years and has promulgated the WCAG which is widely recognized as the “gold standard” for web access. However, given the almost daily changes in technology and the complexities of cyberspace, there are no official website standards.

Most recent DOJ investigations and settlements have focused on website accessibility. Target Corp. recently paid over $6 million to settle a website ADA class action.

For more:  http://hotellaw.jmbm.com/2012/05/ada_compliance_-_charles_schwab_settlement.html

Comments Off on Hospitality Industry Legal Risks: "Americans With Disabilities Act" (ADA) "Website Accessibility" Lawsuits Will Force Hotels To Update Websites To Service Disabled Guests

Filed under Guest Issues, Legislation, Liability, Maintenance, Management And Ownership, Technology, Training

Tagged as , , , , ,

by | April 12, 2012 · 1:10 am

Hospitality Industry Information Technology Risks: Hotel And Restaurant "POS Systems" Are The #1 Target Of Criminal Data Breaches

If a criminal can breach a system in the restaurant, they also have access to the front desk, the spa and any other connected system. The risk is even greater when hotels are part of a hotel chain with interconnected systems.

Franchise businesses are particularly at risk primarily because franchises tend to have the same POS system duplicated at all locations. If a cybercriminal can figure out a way to breach one, in all likelihood, they can replicate the attack at other locations.

In 2011, Trustwave SpiderLabs conducted 42 percent more data breach investigations than in the previous year. More than 85 percent of these data breaches occurred in the food and beverage, retail and hospitality industries.

Why the focus on these industries? There are several reasons, but the number one is that they all process credit cards. In our investigations, we found that the vast majority of assets targeted by criminals were point-of-sale software systems (75 percent of cases). Think of the scenario of a hotel that maintains a restaurant, a spa, as well as other services all connected to one POS system.  We’ve investigated cases where the criminal breaches the environment at one location and was in turn able to connect todozens of others through the wide area network used by the hotel chain.

For more:  http://www.forbes.com/sites/ciocentral/2012/04/11/restaurants-beware-hackers-want-your-customer-data/

2 Comments

Filed under Crime, Guest Issues, Liability, Maintenance, Management And Ownership, Privacy, Risk Management, Technology, Theft

Tagged as , , , , , ,

by | · 1:10 am

Hospitality Industry Information Technology Risks: Hotel And Restaurant "POS Systems" Are The #1 Target Of Criminal Data Breaches

If a criminal can breach a system in the restaurant, they also have access to the front desk, the spa and any other connected system. The risk is even greater when hotels are part of a hotel chain with interconnected systems.

Franchise businesses are particularly at risk primarily because franchises tend to have the same POS system duplicated at all locations. If a cybercriminal can figure out a way to breach one, in all likelihood, they can replicate the attack at other locations.

In 2011, Trustwave SpiderLabs conducted 42 percent more data breach investigations than in the previous year. More than 85 percent of these data breaches occurred in the food and beverage, retail and hospitality industries.

Why the focus on these industries? There are several reasons, but the number one is that they all process credit cards. In our investigations, we found that the vast majority of assets targeted by criminals were point-of-sale software systems (75 percent of cases). Think of the scenario of a hotel that maintains a restaurant, a spa, as well as other services all connected to one POS system.  We’ve investigated cases where the criminal breaches the environment at one location and was in turn able to connect todozens of others through the wide area network used by the hotel chain.

For more:  http://www.forbes.com/sites/ciocentral/2012/04/11/restaurants-beware-hackers-want-your-customer-data/

2 Comments

Filed under Crime, Guest Issues, Liability, Maintenance, Management And Ownership, Privacy, Risk Management, Technology, Theft

Tagged as , , , , , ,

by | March 8, 2012 · 1:17 am

Hospitality Industry Fire Risks: "Fire Safe Hotels" Are Listed On FEMA "Hotel-Motel National Master List"

CLICK ON "HOTEL" TO VISIT NATIONAL FIRE SAFE HOTEL SITE

Comments Off on Hospitality Industry Fire Risks: "Fire Safe Hotels" Are Listed On FEMA "Hotel-Motel National Master List"

Filed under Fire, Liability, Maintenance, Management And Ownership, Technology

Tagged as , , , ,

by | March 6, 2012 · 1:22 am

Hospitality Industry Security Risks: New York Hotel Suffers Thousands Of Dollars In Damage From Group At Guest Room Party; Surveillance Video Critical To Finding Vandals

 “…a group at a party in a room at the Towne Plaza Suites on Holland Avenue is suspected of ripping off wall lights, breaking ceiling tiles and ceiling lights, discharging fire extinguishers and spraying a can of Mace in the third floor hallway…”

Vandals caused several thousand dollars worth of damage to an Albany hotel early Sunday morning. Mace got into the hotel’s ventilation system so the second and third floors had to be evacuated and ventilated, police said in a news release.

Hotel staff members believe the vandals are associated with an Albany man who rented a third fl oor room at the hotel. Police received a call from hotel staff about the incident at 1:15 a.m. Sunday, but when they arrived at the hotel all of the partygoers had already left through the back door.

Surveillance video will be examined to see if any of the vandals can be identified.

For more:  http://www.dailygazette.com/news/2012/mar/05/0305_vanals/

Comments Off on Hospitality Industry Security Risks: New York Hotel Suffers Thousands Of Dollars In Damage From Group At Guest Room Party; Surveillance Video Critical To Finding Vandals

Filed under Crime, Guest Issues, Insurance, Maintenance, Management And Ownership, Risk Management, Technology

Tagged as , , ,

by | March 3, 2012 · 6:56 am

Hospitality Industry Social Media Risks: Hotel Management Faces Legal Issues With Regard To "Relationships" Of Employees Discovered On Facebook

While platforms such as Facebook and Twitter present new opportunities for training and engaging with employees, they also bring new challenges and wrinkles to the age-old workplace policies and practices…(such as)… two of your most exemplary employees who work the front desk..(who)… one day via a Facebook update… entered into a relationship despite your hotel’s strict policy against it…”

“…A user who posts something on Facebook without the proper security filters does so with no expectation of privacy…”

The above scenario was one of many social-media quandaries presented during a table-top summit Tuesday at the 6th Annual HR in Hospitality Conference & Expo.

In this situation, you could fire Johnny, according to Gregg Gilman, an attorney with New York-based Davis & Gilbert LLP. A user who posts something on Facebook without the proper security filters does so with no expectation of privacy, he said. Thus, you treat the case as if you discovered the illicit relationship in one of the “old-fashioned” ways, such as hearing about it from another employee or observing certain tip-offs. 

“You have this new medium, but the same old rules apply,” Gilman said. “… If you operate by those rules, you’re going to be OK.”

Robert Mellwig, VP of HR for Englewood, Colorado-based Destination Hotels, agreed. “We don’t want to get distracted around the technologies,” he said. “… It could easily happen in any other form.”

Where an employer might get into trouble is if they “friend” an employee on Facebook under false pretences for the sole purpose of uncovering activity that runs counter to workplace policy, Gilman said.

For more:  http://www.hotelnewsnow.com/Articles.aspx/7665/Social-media-brings-new-legal-issues-to-hotels

Comments Off on Hospitality Industry Social Media Risks: Hotel Management Faces Legal Issues With Regard To "Relationships" Of Employees Discovered On Facebook

Filed under Labor Issues, Liability, Management And Ownership, Privacy, Risk Management, Technology, Training

Tagged as , , , , ,

by | March 1, 2012 · 1:24 am

Hospitality Industry Information Risks: Hotel's Store "Enormous Amounts Of Data" That Is Never Used; 100% At Risk And 0% Value

“…companies can go a long way toward reducing their exposure to significant losses resulting from a security breach by putting themselves on a “data diet…There is an enormous amount of information that we never use, but we never get rid of. It’s 100% risk and 0% value. As a risk manager, that’s the scariest equation you’re ever going to hear…”

While there is no way for companies to completely eliminate the risk of data breaches and cyber attacks, there are several steps they can take to reduce their potential financial and reputational losses, a panel of experts said Thursday at the third annual Business Insurance Risk Management Summit®in New York.

“The fact is that you’re going to be attacked. That’s the reality,” said Alan Brill, senior managing director of secure information services for New York-based Kroll Inc. A well-crafted cyber risk management program need not be wildly expensive or complex, Mr Kroll said, but should at least strive for “commercially reasonable levels” based on company size and industry.

For more:  http://www.businessinsurance.com/article/20120229/NEWS06/120229881?tags=|338|299|302|342|303|335

Comments Off on Hospitality Industry Information Risks: Hotel's Store "Enormous Amounts Of Data" That Is Never Used; 100% At Risk And 0% Value

Filed under Guest Issues, Insurance, Labor Issues, Liability, Maintenance, Management And Ownership, Privacy, Risk Management, Technology, Theft

Tagged as , , , ,

by | February 10, 2012 · 6:41 am

Hospitality Industry Employee Risks: New York City Hotel Housekeeper's To Carry "Security Panic Button" Devices In Wake Of Sexual Assault Case (Video)

[youtube=http://www.youtube.com/watch?v=5KeNcPW_0ig&feature=player_embedded]

Nine months ago a hotel maid accused Dominique Strauss Kahn of sexual assault. The case was dropped but now NYC hotel owners and the union that represents maids wants all housekeepers to carry a security ‘panic button.’

Comments Off on Hospitality Industry Employee Risks: New York City Hotel Housekeeper's To Carry "Security Panic Button" Devices In Wake Of Sexual Assault Case (Video)

Filed under Labor Issues, Liability, Maintenance, Management And Ownership, Risk Management, Technology

Tagged as , , , ,

by | February 9, 2012 · 1:57 am

Hospitality Industry Compliance Risks: Hotels Must Equip Pools And Spas With "Pool Lifts" To Comply With 2010 ADA Standards

The 2010 ADA Standards for pool access have significantly changed the requirements for municipal and private pools by requiring, for the first time, that they be equipped with independently useable pool lifts during all operating hours.

Since the DOJ announced its intention to require lifts in nearly all pools, the hotel industry and others have opposed or sought clarification of this provision.

In October, 2010, the American Hotel & Lodging Association sought clarification of the pool lift requirements which become mandatory on March 15, 2012. The AH&LA noted that pool lifts, particularly fixed devices, are potentially dangerous to users and children playing around pools. Moreover, they can be quite costly to most pool operators. The industry’s concerns apparently fell on deaf ears as evidenced by the DOJ’s position issued this week.

The DOJ has officially confirmed that:

  • The mandatory date for installation of pool lifts is March 15, 2012.
  • Pool lifts need to be installed at each pool during all operating times and be independently operable by disabled persons.
  • Pool lifts must be “fixed” unless the operator can prove that doing so would not be “readily achievable” as defined in the ADA, in which event, a portable lift meeting all of the ADA Guidelines could be deployed.
  • Accessible lifts cannot be shared between a pool and a spa, each would seem to require a separate device.
  • Pool lifts must be properly maintained and in good repair, with any battery components charged for use.
  • Staff must be trained in the use and safety of pool lifts.

For more:  http://hotellaw.jmbm.com/2012/02/doj_flash_on_pool_lifts.html

Comments Off on Hospitality Industry Compliance Risks: Hotels Must Equip Pools And Spas With "Pool Lifts" To Comply With 2010 ADA Standards

Filed under Guest Issues, Labor Issues, Legislation, Maintenance, Management And Ownership, Pool And Spa, Risk Management, Technology

Tagged as , , , , ,