The following post is a segment in the Auditing Archives series. Hopefully the security failures I’ve seen while auditing businesses will help inspire better practices to ensure your own business security.
Front desk clerks are friendly…sometimes to a fault, but friendly doesn’t necessarily equal secure. A front desk clerk who helps you print off your afternoon boarding pass on the same computer that was just used to run your credit card violates a serious security protocol. Unfortunately, the problem is pervasive. I’ve seen this issue in virtually every hotel I’ve ever stayed at.
Because point of sale (POS) and property management system components are not segmented from other systems with access to the Internet, any accidental malware download, malicious website, bad link, or virus downloaded to that front desk computer could result in a compromise that puts every future credit card transaction at risk.
See also: SecurityMetrics PCI Guide
Auditing Archives: The Case of the Overly Helpful Front Desk Clerk from SecurityMetrics