Protecting Systems from Security Breaches

More than 15 million people in the United States have their identities stolen every year. And, identity theft is big business. The people stealing data are often taking that information and selling it to third parties who use the information for nefarious purposes. That is why it is more important than ever to protect guests’ data as it’s being stored in your property’s point-of-sale (POS) system.

Luckily, there are very effective steps that hospitality companies can take to minimize the risk of a data breach says Nick Economidis, an E&O underwriter at Houston-based insurance company Beazley. “The two best practices we recommend in the lodging industry are end-to-end encryption and tokenization,” he notes.

End-to-end encryption is a system of communication where only the people communicating have access to the encryption keys, so only they can read the messages. Tokenization involves substituting sensitive data with a non-sensitive equivalent. This “token” serves as a point of reference that can map back to the original data.


Economidis also recommends configuring hospitality POS systems to only run applications that have been approved, something called “white-listing.” “This makes it much more difficult for malware—which is the cause of most of the retail data breaches we hear about—to act,” he says. Malware can either be downloaded accidentally or, less often, planted by a hacker into a company’s system.