Proposal for the need for Information Governance Program in Hospitality Industry

Student's Name

Institution Affiliation

Professor's Name

Course Name

Due Date

Abstract

The hospitality industry is one of the fastest-growing and largest industries worldwide, especially in developed countries. It collaborates with other economic sectors such as financial institutions, healthcare organizations, and others to provide quality products and services to its clients. For instance, the firms under this industry provide accommodation facilities, food, drinks, recreation facilities, and reservation services for hosting events. The main focus of this industry is to ensure that their clients can get the best customer service that would result in the best customer experience within these firms. This industry provides quality services accompanied by the huge cost of providing these services and safe record keeping of the clients' information.

The hospitality industry is one of the industries that produce big data on a daily basis. This big data combine unstructured, semi-structured, and structured data. Unstructured data comprises information with no specific format, and therefore, it is hard to understand and analyze this type of data. The structured data type contains information that is organized in a particular format, and therefore, it is easier to interpret and understand. The semi-structured data type contains information that combines structured and unstructured elements. As a result, there are several concerns and challenges associated with managing these volumes of data. For instance, hotels are majorly targeted with data theft because they store a large volume of information, including the personal details of their clients, such as name, age, gender, address, payment, and transaction details (Yallop & Seraphin, 2020).

Consequently, information governance is critical in addressing these challenges that affect data storage. For instance, when a client checks into a hotel, he is expected to provide his personal details for record-keeping. Therefore, the information is stored in the hotel system for future reference, especially when the client is checking out. It may be not easy to manage the accumulated bulks of information and, therefore, information governance chips in. it ensures accountability and security of information by determining who is responsible for particular information, where the information is kept, how the information would be used, and the people with access to such information. Therefore, the main purpose of implementing the information governance program is to ensure that all the necessary information recorded is used appropriately for the sole purpose it was intended for and by the right people.

Literature Review

Data breach is a common occurrence in the hospitality industry, and it distorts the trust between organizations and their clients. It also ruins the reputation of these high-profile organizations that get involved in such scandals. After a series of data breach incidents in large hotels such as Huazhu, Radisson, Hyatt, and Hilton, another latest data breach occurred at Marriot hotel in 2018, which affected over 383 million customers (Shabani&Munir, 2020). This study reveals that every organization within this industry is vulnerable to data breach issues, and therefore organizations should establish ways to curb these issues. According to the data breach report in Verizon's case, they are three main data threats affecting information security and management in the hospitality industry (Thomaidis, 2020). These threats include point of sale intrusions, insider and privilege misuse, and denial of service attacks. First, the attackers compromise the computers and systems that run the point of sales application, and therefore, this poses a significant threat within the hospitality sector. For instance, once the attackers can access the point of sale device, they install the malware in it to be able to capture the payment card details. Organizations can manage these attacks by suing the multifactor authentication, tracking whoever is using the point of sale system at a given time to ensure it is being used for the right purpose and installing the antivirus software.

The second threat that was revealed in the study was insider and privilege misuse. This involves the case of an existing employee or ex-employee acquiring confidential information for their own selfish gain. For instance, they may use this information to blackmail the client or give it to third parties who would, in turn, use them for malicious gain. Organizations can minimize this threat by training employees to be vigilant with information on mobile devices, monitoring every employee through surveillance cameras, and restricting data access with all the possible means. Lastly, the denial of service attack is one of the prevailing data issues that account for 20% of the data security issues in the hospitality sector (Thomaidis, 2020). Attackers use botnets to create traffic within the networks, forcing the organizations' operations into a standstill, and therefore, the services are forced to remain unavailable. Organizations should use separate systems within different networks to manage this threat. Also, it is important to update these systems regularly.

A study involving 1500 hotels in fifty-four countries worldwide revealed that 67% of these hotels' websites leaked confidential information, including booking reference codes, to the advertising and analytics firms (Shabani&Munir, 2020). Also, the same study revealed that some hotel personnel leaked personal details about their clients, including their card types and their expiry date, the digits of the payment cards, and other relevant information. Therefore, organizations should have policies that regulate such behavior. It is important to observe strict adherence to security policies that are established to handle information of the customers or business. Organizations should have a written document that describes how data and information should be managed. For instance, this policy guides how employees should handle confidential information, including emails, physical data equipment, and other data systems. It also stipulates the measure that should be taken against the individual that fails to comply with the provisions of the policies. Additionally, it is important to update these policies continuously due to technological changes, security requirements, and vulnerabilities.

Symantec provided reports on numerous security issues. For instance, 29% of the hotels do not encrypt their initial links that contain booking details to their customer. Therefore it is much easier for other unwanted personnel to retrieve such information (Mikalef et al., 2018). These reports show that data encryption is vital in minimizing the lack of data integrity, including duplication. Organizations should have established encryption policies to deter unauthorized access to private and confidential information. Encryption transforms a message so that unauthorized readers can read its contents. A study reveals that data encryption technique protects a person's privacy over the internet, including credit card details (Merkus et al., 2019). Therefore, the organization should educate its employees on the benefits of data encryption and the amicable ways of encrypting data to manage data theft.

Social media policy is essential in managing information within the organization. Most people use social media for business and personal purposes. As a result, most crooks are targeting social media users because there is a lot of data stored on such platforms. Hospitality firms have social media platforms used to create awareness about their brands; therefore, it is important to have a social media policy that provides guidelines on how information should be managed on these sites. According to a study by Rochefort, a social media policy instrumental in regulating the social media scandals such as fake news, violation of data privacy, misinformation, and other security issues (2020). Therefore, each organization should implement and ensure strict adherence to social media use to manage security issues that may arise for it.

References

Merkus, J., Helms, R., & Kusters, R. J. (2019, May). Data Governance and Information Governance: Set of Definitions in Relation to Data and Information as Part of DIKW. In ICEIS (2) (pp. 143-154).

Mikalef, P., Krogstie, J., & Pappas, I. (2018). Information governance in the big data era: Aligning organizational capabilities. In Proceedings of the 51st Hawaii International Conference on System Sciences 2018 (HICSS-51). University of Hawai'i at Manoa.

Rochefort, A. (2020). Regulating social media platforms: a comparative policy analysis. Communication Law and Policy, 25(2), 225-260.

Shabani, N., & Munir, A. (2020, July). A review of cyber security issues in hospitality industry. In Science and Information Conference (pp. 482-493). Springer, Cham.

Thomaidis, A. (2022). Data Breaches in Hotel Sector According to General Data Protection Regulation (EU 2016/679). In Tourism Risk. Emerald Publishing Limited.

Yallop, A., & Seraphin, H. (2020). Big data and analytics in tourism and hospitality: opportunities and risks. Journal of Tourism Futures.

Collepals.com Plagiarism Free Papers

Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.

Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS

Why Hire Collepals.com writers to do your paper?

Quality- We are experienced and have access to ample research materials.

We write plagiarism Free Content

Confidential- We never share or sell your personal information to third parties.

Support-Chat with us today! We are always waiting to answer all your questions.