Mobile keys are a relatively new technology, but they are rapidly gaining a foothold in the lodging industry. Of course, as with most mobile tech, securing data sent and received via mobile keys is of the utmost importance to hoteliers. Michel Chamberland, a lead researcher at security firm Trustwave, describes four steps hoteliers can take to improve mobile key security.
Understand security risks.
If mobile keys are connected to the hotel’s WiFi network and a mobile key is hacked, it could lead to widespread issues throughout the hotel. “A hacked mobile key can be used as an entry point into a hotel’s entire network,” Chamberland explains.
Have a vendor management program.
According to Chamberland, one of the core resources that every organization should have is a vendor management program. “A vendor management program is not just important for embedded devices and locks,” he says. “They provide users with infinite solutions in the event of a breach.”
Do your own due diligence.
That said, hoteliers shouldn’t just rely on vendors; they need to ensure that this technology is safe for themselves and be prepared to handle it. “That way, if [a device] is compromised, the impact will be minimized,” Chamberland says.
Stay on top of new developments.
With new technology comes new hackers looking for vulnerabilities. It’s imperative that mobile key technology is kept as up to date as possible so vulnerabilities can be fixed before a device can be hacked. “It’s an ongoing process, ensuring that what you’re using is up to date, validated, and tested,” he notes.