Hedna pii is your goldmine a landmine
-
Upload
evelyne-oreskovich -
Category
Technology
-
view
59 -
download
1
Transcript of Hedna pii is your goldmine a landmine
![Page 1: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/1.jpg)
IS YOUR GOLDMINE
A SECURITY LANDMINE?
PII Security in the ComplexHospitality Environment
![Page 2: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/2.jpg)
What is PII
Stats and Threats
Hotel Concerns
AgendaAgenda
Legal Considerations
Best Practices
Panel Discussion
2
![Page 3: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/3.jpg)
Personally Identifiable
Information
What is PII?What is PII?
information that can be used to uniquely
identify, contact, or locate a single person or
can be used with other sources to uniquely
identify a single individual.
3
![Page 4: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/4.jpg)
What is PII?What is PII?
4
![Page 5: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/5.jpg)
PII can be used by criminals for
Identity theft
Financial fraud
Blackmail
Kidnapping
What is PII?What is PII?
Kidnapping
Burglary
Corporate Espionage
5
![Page 6: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/6.jpg)
Stats & ThreatsStats & Threats
Javelin Strategy & Research2012 Identity Fraud Industry Report
13% Increase in US identity fraud incidentsthe past yearthe past year
6
7% of smartphoneowners werevictims of identityfraud - 30% morethan the generalpublic
![Page 7: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/7.jpg)
Stats & ThreatsStats & Threats
7
![Page 8: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/8.jpg)
Stats & ThreatsStats & Threats
Strategic about targets
ID the group of people targeted
ID the likely sites, companies, locations frequented
Hacking attempts
2012 Identity Fraud Industry Report
Hacking attempts
Symantec blocked over 5.5 Billion live hackattempts globally in 2011
80% growth over the previous year.
8
![Page 9: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/9.jpg)
Hotel ConcernsHotel Concerns
Hotel Offline Concerns
Bills not fully slipped under the door
Mixing up guest folios
Thefts
Sharing client spreadsheetsSharing client spreadsheets
Calls pretexing
9
![Page 10: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/10.jpg)
Hotels’ Network Concerns
Sniffing on wireless networks
Using thumb drives in hotel network
Unsecure system access
Hotel ConcernsHotel Concerns
In-transit attacks
10
![Page 11: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/11.jpg)
Data Harvesting
Top In-transit attacks
Hotel ConcernsHotel Concerns
• Memory Scraping
• Network Sniffing
• Keystroke Logging
11
![Page 12: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/12.jpg)
3rd Party Vendors PII Security
Commissions payment services
Email marketing companies
CRS companies
Loyalty program management companies
Hotel ConcernsHotel Concerns
Loyalty program management companies
Cloud-based systems
12
![Page 13: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/13.jpg)
No single national US law
Patchwork of existing Federal laws and standards
Issued and enforced by different agencies
48 individual state breach laws
A web of complication in order to comply
Legal ConsiderationsLegal Considerations
A web of complication in order to comply
13
![Page 14: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/14.jpg)
No single national US law
Proactive vs Reactive
Europe – active requirement to maintain privacy
US – breach notification
Legal ConsiderationsLegal Considerations
US – breach notification
14
![Page 15: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/15.jpg)
No single national US law
Proactive vs Reactive
Proposed Federal Breach Law
Legal ConsiderationsLegal Considerations
Proposed Federal Breach Law
Defines how to notify people about security breach
May lead to security requirements for datacollection about employees, customers andvendors
15
![Page 16: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/16.jpg)
Multiple jurisdictions due to locations of:
Owning Company
Management Company
Branding Company
Legal ConsiderationsLegal Considerations
Branding Company
CRS companies
Origin of the guest
Cloud computing
16
![Page 17: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/17.jpg)
Company / Hotel policies clear and understood by all
Management contracts clearly state responsibilities insecuring data
Legal ConsiderationsLegal Considerations
Legal impact of cloud computing
17
![Page 18: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/18.jpg)
Employ PCI protection level
Establish data security policies & procedures
Training of staff on a continual basis
Best PracticesBest Practices
Training of staff on a continual basis
Review agreements
Ensure International law compliance
Audit to find holes
18
![Page 19: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/19.jpg)
Jeff VenzaPresident & CEO, Venza Group
Jibran IlyasSenior Forensic Investigator, Trustwave
PanelistsPanelists
Senior Forensic Investigator, Trustwave
Scott SheffeCIO, One Safe Place Media Corp
Bob BraunPartner, JMBM | Jeffer Mangels Butler & Mitchell
19
![Page 20: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/20.jpg)
Marion Hughes-Roger
VP Business Development
Hospitality Evolution Resources
ModeratorModerator
20
![Page 21: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/21.jpg)
Pa
ne
list
sP
an
eli
sts
Jeff Venza
President & CEO, Venza Group
Jibran Ilyas
Senior Forensic Investigator, Trustwave
Scott Sheffe
Pa
ne
list
sP
an
eli
sts
Scott Sheffe
CIO, One Safe Place Media Corp
Bob Braun
Partner, JMBM | Jeffer Mangels Butler & Mitchell
![Page 22: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/22.jpg)
ConclusionConclusion
5 Things to do when you get home
Learn how to password protect an excel
Meet with your IT Security team
22
Meet with your IT Security team
Contact every contractor you work with
Learn more about Identity theft
Request training
![Page 23: Hedna pii is your goldmine a landmine](https://reader034.fdocuments.us/reader034/viewer/2022051515/5575cb00d8b42a312a8b51ce/html5/thumbnails/23.jpg)
Thank YouThank You
Evelyne Oreskovich
President
Marion Hughes-RogerMarion Hughes-Roger
VP Business Development
www.HER-Consulting.com