How cyber secure is your travel agency?

Evolv highly recommends the Galaxkey e-mail and document encryption solution to tamper-proof all third-party access points to a travel company, says Gerhard Conradie, Managing Director of Evolv Networks.

Johannesburg, 21 Aug 2017
Read time 3min 00sec

Fourteen Trump hotels recently fell victim to hackers who accessed guests' personal data and credit card details when their booking service system, Sabre, reportedly suffered a data breach. In February, a cyber attack on UK travel trade organisation ABTA's Web site potentially affected around 43 000 individuals. One month earlier, a bunch of hackers reportedly spoiled travellers' fun in Austria when they used ransomware to try and lock them out of their luxury hotel rooms in the Alps.

There's no doubt that the travel industry is increasingly under serious cyber threat, especially as these attacks, data breaches and phishing scams are becoming more frequent, sophisticated and tailored. It's said that the global hospitality industry is under the top three most favoured by hackers, says Gerhard Conradie, Managing Director of Evolv Networks.

What makes the travel industry so susceptible to cyber crime?

Hospitality networks - from travel agents, tour operators, hotels, airlines, car rental companies, tourist attractions, online travel agents**, to shared-economy role-players - store a small "treasure chest" of holidaymakers' personal data. This includes contact details, birthdates, passport information, itineraries, travel likes and dislikes, and last but not least, credit card details. This high-profile, confidential data ebbs and flows in and out of these networks, with cyber criminals prowling for weak spots to commit fraud or extortion.

Travel companies often rely on booking partners and third-party vendors to conduct their business, making them vulnerable to hackers as they cannot always vouch for these vendors' cyber security measures. Cyber criminals know this. They also know these third-party vendors are attractive aggregation points of sensitive data and would rather target them than the better-geared, big-name travel and tourism brands.

Numerous travel companies offer online booking portals which immediately put them on cyber criminals' radar. With bookings being done on personal devices and smartphones, an extra security risk factor is added.

How can the travel industry create a cyber security culture?

It's imperative that travel companies understand exactly where the sensitive data resides within their business and what its travel patterns are. With this insight, all third-party access points can be tamper-proofed.

* Monitor in and outgoing communication to detect data-lifting malware and prevent data pilferage, needs to be in place.
* Keep your CRM system secure by restricting staff's activities within the system, reducing the Web sites they can browse, and controlling access to your back-end systems.
* Update security and anti-virus software.
* Apply the latest browsing protection, script and ad-blocking technologies.
* Use only strong passwords.
* And don't ever open e-mail attachments from unknown sources.
* Tokenise - A rock-solid way to protect data is tokenisation (substituting sensitive data elements with non-sensitive elements or "tokens") or data encryption (translating data into a form or code which people can only access with a key or password).

As a Galaxkey Platinum Partner, Evolv highly recommends this e-mail and document encryption solution. It can be deployed on multiple platforms, is simple to use and is embedded with the highest level of security technology. It also protects data you store in the cloud.

Should your travel business fall victim to a cyber attack or data breach, your Galaxkey protection will ensure that hackers cannot monetise your data. Their "plunders" will be pretty much worthless.

Evolv Networks

Evolv Networks was founded in 2005 with the goal of supplying superior IT consulting and support services to SME and large companies. Equipped with industry-leading technical skills it has remained committed to this strategy. It strives to better understand its customers and through this it can align technology with their business needs and processes.

As an IT Service Partner, it also knows that technology never stands still and through its own evolution it has brought value-adding technologies to its customers. With careful maturity testing and entrenching new technology in its environment, it ensures that the solutions it supplies are business ready. This methodology originates from deep technical roots guaranteeing that solutions are tried and tested.

As experts in the design, deployment and support of IT infrastructure it continues finding innovative ways to use technology to solve the business challenges of its customers.

Gerhard Conradie, a certified MCSE (Microsoft Certified Systems Engineer, NT4) and CNE (Certified Novell Engineer, Netware 5), is the MD of the Cape Town-based business IT solutions provider Evolv Networks.

Editorial contacts
41nine progressive media Louisa Oschmann (+27) 83 455 1038
Login with