Technology Vendor’s Poor Security Too Risky for Your Business?
You trust your IT services vendor to provide you with the experience and support that your business needs. What happens when your tech gurus aren’t doing their best?
You do everything possible to secure your hospitality business — carefully vetting staff members and contractors that have access to sensitive data, adding layers of security and active monitoring to your databases and creating a schedule of phishing training for anyone who accesses your corporate email accounts. No matter how hard you try, the one thing you simply cannot control is the cybersecurity readiness level of each of your vendors. Even if you put the most stringent measures in your contract and regularly request information about how data is being used and the access levels, it only takes a single mistake for your data to be compromised. This is particularly true of vendors when you are beginning a relationship because you’re still getting to know each other and the levels of security may not yet be fully hardened. It’s crucial that you explore security levels with current and future vendors to ensure that your sensitive business information and systems remain protected and secure.
The Rising Threat of Data Breaches
The threat of data breaches is particularly dangerous for the hospitality industry because there is a great deal of competition for limited consumer business. Your customers need to be able to trust your brand with their personal information, or they will begin choosing your competitors — which can cost you a great deal of ongoing revenue. Hospitality businesses are particularly juicy targets due to the high number of consumer records and the specific details that are stored within company databases. Everything from dates of their future stays which could leave families open to burglary to the financial details such as credit card numbers and expiration dates are often stored inside hotel databases. According to Elad Shapira, vice president of research at Panorays cybersecurity platform, “Past attacks have shown that while the third party suffers from associated breach costs, the company that uses the third party is greatly impacted as well, from brand damage to actual loss of revenue”.
Creating Shared Responsibility for Data Protection
With the cost of data breaches rising to upwards of $150 per record, businesses in high-risk sectors such as healthcare, hospitality and financial services are looking for ways to reduce their exposure in the event of a data breach. Cybersecurity insurance is one way to help limit the overall cost to the organization, but creating a shared responsibility for security between vendors or partners creates an added incentive for all to be proactive in their cybersecurity protection. Many cloud service providers such as Amazon Web Servicesand Microsoft Azure are taking the approach of shared liability for any breach. While the cloud provider will assume the risk of securing the infrastructure, the individual business storing the data also assumes the burden of ensuring that the data stored within these systems have been adequately secured.
Protecting your business from the cybersecurity dangers that are lurking around every corner is the cornerstone of any IT services partnership. You deserve to know that your sensitive customer data and business systems are being adequately protected from hackers and that the solutions used by your technology partners are adequately patched and secured against incursions. As proven by the recent attack on Choice Hotels, even a short-term problem — such as leaving a database unprotected by a password for a mere four days — can cause far-reaching problems for your organization. At Pulse Technology Solutions, we specialize in providing hospitality businesses in Florida, Puerto Rico and the US Virgin Islands with the proactive services and business infrastructure that you need to maintain seamless operations. Contact us today at 239-572-9462 or enter your information into our convenient online form to claim your free initial consultation.