The hospitality industry has been hit hard with challenges during the COVID pandemic. For a sector that prides itself on customer service and adapting to change, the last few years have been rough.

As a sector, hospitality includes restaurants, bars, and hotel businesses; but as well as other types of lodging and travel businesses, such as AirBnB operators, real estate managers, and tour guides.

On the best of days – and without having to adapt to coronavirus restrictions –

Under the best of circumstances — and without COVID-19 restrictions to complicate matters — the hospitality industry must take myriad precautions to protect guest information from prying eyes and hackers. Hotels routinely store a wealth of personal information such as addresses, credit card information and passport numbers, making hoteliers a desirable target for hackers.

For example, Wired recently reported that Marriott International has been hacked twice in recent years. Once in early 2020, compromising the sensitive information of an estimated 5.2 million guests; and a massive breach in 2018 that had exposed the information of 500 million people who had made reservations through one of the hotel giant’s portals.

Hoteliers aren’t the only ones with cybersecurity challenges, but let’s start with taking a look at what hotel chains can do to better their risk management.

How do you manage risk in the hotel Industry?

Whether we stay in a hotel room for business or pleasure, the goal of hotel management is for customers to have a smooth experience that will entice them to return for another stay and, ideally, to share positive reviews on social media.

What are specific risk areas for hotel owners and managers to consider?

  • Safety. Hotel companies are busy environments, every hour of every day. Personal security of guests is a paramount issue. Staff are often at risk for falling, tripping or straining themselves while lifting luggage. An unsafe work environment can lead to costly healthcare premiums, workers’ compensation claims, or complaints (and even lawsuits) from guests who perceive that they were hurt on the property.
  • Cybersecurity. The hospitality industry collects increasing amounts of customer data, such as tracking guests’ spending habits and choices so the hotel can provide more personalized service. Guest profiles are designed to make rebooking easy, and the profiles often contain a treasure trove of private data, such as credit card numbers, email addresses and personal preferences. Guests share this detailed data assuming that hotel owners and hotel management will keep it safe, and it is a critical risk area that must be addressed by the hospitality industry.
  • Privacy. Credit card and payment data protection is crucial. The hospitality industry itself does not have a set of privacy rules to protect any data collected. Rather, payment card and credit card management is regulated by the Payment Card Industry (PCI) standards for compliance, which must be followed to best protect the privacy of guests.

How do you manage risks in the restaurant industry?

Many of the risks in the restaurant industry are the same as those in the hotel industry, but one deserves to be highlighted:

  • Payment apps. Point-of-sale systems that run on wifi are convenient for bar and restaurant staff, but do raise cybersecurity concerns. Some apps are simply not safe to begin with, or they become unsafe because they aren’t properly updated when patches are issued for known cyber risks.

How do you manage risks in the travel industry?

Travel and weather go hand in hand, and natural disasters create some of the biggest threats to travel. It’s in the best interest of travel planners and hotel owners to dissuade people to stay when, for instance, a hurricane is threatening to cause a major business interruption. Other points to consider:

  • Climate change is bringing more volatile weather to some parts of the globe.
  • Coronavirus outbreaks and restrictions mean that more travelers are taking out travel insurance policies.
  • Cyber risks, especially associated with the hacking of client and guests’ private information, means that travel agencies must be extra vigilant to keep that information secure.

Hospitality businesses are especially vulnerable to reputational risk

As consumers leave more detailed social media reviews and travelers search online consumer platforms for these reviews, reputational risk is something all hospitality businesses are acutely aware of and must monitor closely.

It doesn’t matter which branch of the hospitality industry you work in; a poor online review may hurt your business for a long time. New hotels and restaurants can be especially vulnerable to a harsh review, and it’s super important that hospitality companies dedicate time to monitoring how, when, and where they are mentioned online.

Let ZenGRC monitor risks in the hospitality business for you!

ZenGRC’s compliance, risk, and workflow management software is an intuitive, easy-to-understand platform that never takes a break or needs a day off. Let us handle risk management while you take care of your guests.

Worry-free risk management is the Zen way. For more information on how ZenGRC can enable your CMS, contact us for a free demo.

How to Build a
Risk Management Plan