Wi-Fi is personal…Duh.
Okay, not a shocker here, delivering high-speed Internet access (HSIA) to our guests has been a major concern for leading technologists in the industry to work with key partners to set strategies to address this issue. The biggest epiphany here is that the U.S. Congress and the FCC finally realized that hotels have HSIA, and now want to participate in what we can and cannot do with it.

The FCC is so busy taking a victory lap over its recent ruling that it forgot to contact the Secret Service, Federal Bureau of Investigation (FBI), Federal Trade Commission (FTC) and the Department of Homeland Security (DHS) on what they thought.

Enforcing the new ruling and taking credit as a consumer hero in the press, the FCC has completely overlooked the issues that this position has hand-cuffed hotels (and other operations) against true protection of the guests. Other major departments and commissions have communicated to the AH&LA, and other hospitality trade organizations that open public HSIA (particularly Wi-Fi) networks are a major target for evil-doers. These organizations want to enlist our help in protecting consumers, businesses and even the government from as many of these attacks as is reasonable. Many of these tools have now been removed from our quiver.

Anyone can be a hacker for $99 plus shipping.
Check out Pineapple, a $99 4-inch x 4-inch x 1-inch box that comes loaded with all kinds of user-friendly tools (Honey Pot, Man-In-The-Middle, Sniffing, Spoofing) to test your network’s ability to prevent attacks. Or… well let’s just say all of the “testers” likely do want to help us protect our networks.

We need so much bandwidth for the bad guys.
More than half of all Internet traffic is related to malware, according to Brian Hendricks with Nokia.

The FCC focused on blocking guest hot spots, but that is not what the document really says.

While the FCC has been laissez-faire on protections and securing of back of house operational networks, the ruling has very specific language and without clarification could be interpreted in a manner that could prevent hotel IT from using active tools to interfere with attacks on our back of house Wi-Fi.
https://www.fcc.gov/document/warning-wi-fi-blocking-prohibited

NIST really wantS to help.
No longer just a repository for documentation on impractical ways to lock down computers and networks, the National Institute of Standards and Technology (NIST) has recently formed the National Cybersecurity Center of Excellence (NCCoE) with the charter to collaborate with industry experts to come up with cost-effective, repeatable and scalable ways to secure real-world networks with real world currently available technology. Currently working on a project with the healthcare industry, NIST is interested in working with hospitality to identify and solve today's most pressing cybersecurity challenges.

Cyberranges sound really cool.
The NCCoE is creating cyber ranges, a virtual environment that is used for cyber warfare training and cyber technology development. It provides tools that help strengthen the stability, security and performance of cyberinfrastructures and IT systems used by government and military agencies.

Cyber ranges function like shooting or kinetic ranges, facilitating training in weapons, operations or tactics. Thus, cyber warriors and IT professionals employed by various agencies train, develop and test cyber range technologies to ensure consistent operations and readiness for real-world deployment. Right, really cool?

We have what (Evil-Doers) want.
Part of the meeting included time with Kathleen Rice, former counsel for the U.S. Senate Select Committee on Intelligence and the FBI, now with the law firm of Faegre Baker Daniels (FBD) and its public policy division as counsel and senior director, respectively. Any part of any legislation involving cyber in the last 10 years had her hands on it. Rice reinforced that cyber criminals are looking for ways to obtain personal and commercial data including financial Information, employee personal records, customer information and passwords, medical records or intellectual property. This information is used for identity theft, corporate espionage, and plain old theft.

Rice stressed that you need to know your data – what do you have and why someone else would want it. Ask your teams, do you really need it, why, what format, to whom is the data accessible? You can't just say everyone on your team has access. It’s not that simple. The hotel industry needs to be crystal clear on how we are protecting this data. When the industry talks to legislators, it needs to discuss why/what we need to collect.

5G is coming, and it’s a doozy
According to Brian Hendricks, head of technology policy and government relations North America for Nokia USA, the fifth generation wireless network specifications will work more like an envelope, encompassing Wi-Fi, Bluetooth, 2G-4G, LTE, LTE U, and more.

5G will usher in, what Mr. Hendricks predicts as, 10 times the Internet traffic of today. Speed will not be the primary issue, latency will. You don’t want your self-driving car taking you into a lake because of a latency issue. 5G should create the perception of infinite capacity. 5G will not replace hotel Wi-Fi, we are sorry to break that news.

In the end, the task force is a group of very committed, smart people who are trying to come up with a reasonable solution to a dynamic treat.

Jeffrey Stephen Parker, CHTP,  is the vice president and Chief Funologist for Stout Street Hospitality.