The hotel network nightmare
Securing the hotel network is not simple; in fact, it is far more complex than creating a network for a large business.
Securing the hotel network is not simple; in fact, it is far more complex than creating a network for a large business. This is due to the constant influx of guests’ personal devices, any of which could be carrying viruses and malware that can get into the hotel’s network and steal important data.
To properly secure the network, the administration functions, which hold the hotel applications, guest data, credit card information and other personal information, must be completely separated from the public network, which guests can connect to with their multiple personal devices. This separation must be put in place to ensure that guests cannot hack into or access administrative data.
But, this is not the only concern for hotel IT managers.
Hotel networks have open-Wi-Fi, often with weak firewalls and poor passwords used by the guests. The only way to combat this is for hotels to issue guests with one-time-use passwords when they arrive to ensure the access is slightly better secured. However, when there is a large event that needs constant Wi-Fi connections for hundreds of guests, this can prove difficult. Also, guests and restaurant visitors expect to be able to access the internet and it becomes a logistic nightmare to issue every visitor that passes through the doors with a one-time-password.
Unfortunately for hotel IT managers It is also fairly easy for an attacker to set-up a Wi-Fi access point, called ‘Free Wi-Fi’, near a busy hotel. The attacker will probably not need to wait for very long before a hotel guest plugs-in to his Wi-Fi connection. The attacker can then pull data out of the air with a network sniffer, leaving no trace whatsoever on the victim’s computer, or smartphone.
Security is not just the job of the hotel, however; it is the responsibility of the guests to protect their asset’s data while using it. Hotels provide a service and it’s up to the customer to use them with common sense and the due protection in their own equipment. Guests must make sure their virus protection is up to date and if they are accessing sensitive information on their device while at the hotel, for example checking their bank accounts, experts suggest that guests utilise a VPN to connect.
The other problem for hotel IT managers is that the network must be able to handle the huge amount of personal devices that connect to the network during busy periods. In a medium size hotel, this number reaches into the thousands during busy periods and every device must be able to connect and quickly access the internet. As explained by Prasanna Rupasinghe, director of IT and AV at Kempinski Mall of the Emirates, guests now ask whether there is free Wi-Fi before they ask if there is a free breakfast.
This large number of devices connecting to the network means that bandwidth has to be carefully managed and that guests must be able to access the Wi-Fi whether they are in the bath, the bedroom or the hotel restaurants and lobby. This puts huge pressure on the hotel to continually improve its network capabilities. One wrong step and one guest that cannot access the internet will mean no return business for the hotel.