search
Home > Press Room

AH&LA STATEMENT ON IDENTITY THEFT VIA UNSECURED TECHNOLOGY 

The lodging industry, like many other industries, frequently offers guests access to technology. In fact, it is one of the amenities most requested by guests, who find it essential to stay connected while traveling. Most hotel networks, regardless of being Wi-Fi or a direct cable connection, are considered public networks and cannot offer assurances of 100 percent security.

As computer users well know, lack of full privacy protection and identity theft are a potential risk when accessing any network, including public networks. There are risks that cannot be eliminated and are inherent in hotel networks, since such a network is, by definition, public. Guests using public networks should always practice identity protection by exercising judgment in making financial transactions or accessing sensitive personal data. Guests who need this convenience while traveling can reduce risks further by learning how to remove information cached on a public computer, and how to minimize any unencrypted personal data they allow to transfer across a public network.

Though not empowered to set standards, AH&LA encourages the industry to review and re-evaluate their policies and procedures to safeguard guests' personal information. As the only trade association representing the hotel community, AH&LA offers resources tips, information, and products to hoteliers. Click here to view tips to help safeguard guests when they access unsecured technology.

TIPS

  • Disable or block file sharing (and all other network services) on interfaces used for broadband access
  • Enable Windows Firewall or (preferably) install a third-party personal firewall
  • Use file encryption, available in Windows XP Professional and other products
  • Choose non-obvious passwords to deter notebook, data, and server access
  • Use a VPN or encrypted mobile application, ideally with two-factor (hardware or biometric) authentication
  • Choose public Wi-Fi access that provides enhanced security services
  • Connect only to known SSIDs, using WPA/802.1X to verify the server's certificate
  • Disable ad-hoc mode and automated connection to non-preferred SSIDs
  • Use a host intrusion detection agent to detect/prevent risky connections, including bridging between wireless and wired interfaces
  • Use different passwords
  • Never make a purchase or use a credit card or bank account information on unsecured or public networks


Return to main Press Room

  • |
  • |
    • © 2010 American Hotel & Lodging Association