Magazine

Keeping Out the Bugs!

Securing a Hotel’s Local Area Network

Most computer users are familiar with the dangers of malicious e-mail that can introduce viruses and other undesirable software onto a PC. McAfee or Norton are usually pre-installed on new computers to help prevent such threats. Hotel local area networks (LANs), including servers, require additional security measures be taken to guard against multiple threats.

Corporate espionage is sometimes mistaken for the activities of hackers or other online thieves. While hackers are mostly interested in bank account numbers, credit card numbers, and other items that can quickly be used for purchases or cash, those after sensitive corporate data have an entirely different purpose. Using some of the same techniques, those that may be seeking financial information, customer data, etc. can gain access to hotel networks. While much less frequent than other types of attacks, the threat does exist.

All security threats do not come from outside the hotel. Inside threats represent just as real a problem and can be more challenging to deal with. Some employees may, unknowingly, introduce dangerous items via diskettes or CDs loaded onto local systems. Servers in some hotels may not be properly password protected, thus allowing unauthorized personnel to see and/or change sensitive data. A very small percentage of dissatisfied employees have altered or deleted hotel data before leaving. Business center PCs and Internet access by guests should not be part of the main hotel LAN but should be a separate network altogether.

There are also unintentional threats that can be planned for. These include equipment malfunction, software failure, user error, water and fire damage and power loss.

Several steps can be taken to combat many of the items listed above. It is important to provide multiple layers of security that make it more difficult for unwanted items to penetrate. Individual PCs should have virus and spyware protection, and a personal firewall activated. Servers should have a host intrusion prevention system installed. This software helps prevent hacking from the outside as well as provide virus and spyware protection for all server hard drives.

Software security updates, which come from the manufacturer, should be applied as they become available, especially to Windows, Office, and other widely used packages. Also, a multipurpose security device should be placed between the Internet service entry point and the local area network. These stand alone solutions serve as the front line of defense against viruses, spyware and hackers.

Unintentional threats can best be addressed with frequent backups, including off-site system replication, which allows rapid restoration to a replacement server in case of a natural disaster.

Geoff Griswold is a hardware and wiring specialist for the Omni Group. Geoff can be reached at (888) 960-8787 or geoff@atlantaomnigroup.com

In addition to software and other security device installation, the following practices can help increase security:
»Enforce mandatory access controls, including not allowing media such as diskettes or CDs from being introduced from the outside your property.
» Keep administrative passwords closely guarded and change frequently.
» Utilize multiple levels of administrators-each with only the necessary access to perform certain tasks.
» Limit downloads to be performed by authorized personnel only.
»Provide employee training on proper security procedures.
»Change user passwords frequently.