log in
All Articles | Back

Member Articles


Starwood Data Breach Serves as Wakeup Call to Tennessee Bars, Hotels and Restaurants 

by William Cheek

Published: November, 2018

Submission: January, 2019

 



We suspect that thousands of Tennessee restaurants, hotels, bars and other hospitality businesses gather personal information from their customers for marketing purposes.  


It’s just a birthdate, address, anniversary, spouse’s name – good stuff to know, right?


That’s all fine and dandy until some hacker steals the information.  Marriott’s disclosure that 500 million Starwood Hotel guests’ personal data was stolen should be a wakeup call. 


We’ve had Beastie Boys’ classic Paul Revere stuck in our head all morning:


 


The kid said, “Get ready ‘cause this ain’t funny


My name’s Mike D and I’m about to get money”


Pulled out the jammy, aimed it at the sky


He yelled, “Stick ‘em up!” and let two fly


Hands went up and people hit the floor


He wasted two kids that ran for the door


 


Don’t expect Mike D to come knocking on the door at your restaurant demanding you to turn over personal information squirreled away in a computer somewhere in the back office.  Modern Mike D is coming through the internet.  He’s gonna hack your computer while you are sleeping off that last martini.


Don’t delay.  Call or email your IT person now and review your security procedures to ensure that employee data, as well as customer data, is protected.  Although your system may not be sophisticated enough to withstand cyberattacks from the likes of Mike D in Ukraine, anything you do is better than nothing.


Here are a few simple tips from Waller’s IT team:


  • Physically lock the office where the computer is located when it is not in use
  • Use a password to log in
  • Use complex passwords and change them regularly
  • Create very simple software that requires password changes, which annoy the heck out of us but work
  • Encrypt your hard drive with BitLocker or other encryption software, so that if the computer or drive is stolen, the data is not easily read
  • Password protect important files, particularly those that contain personal data such as social security numbers and dates of birth

One of the easiest things to do is minimize the amount of personal information you amass.  Although an owner needs employee data, do you really need personal data on your customers?


Heed the warning and be on the lookout for Mike D.


 



Link to article

 

MEMBER COMMENTS

 

 

WSG Member: Please login to add your comment.

    Disclaimer

WSG's members are independent firms and are not affiliated in the joint practice of professional services. Each member exercises its own individual judgments on all client matters.

HOME | SITE MAP | GLANCE | PRIVACY POLICY | DISCLAIMER |  © World Services Group, 2019