These Air Fryer Pork Belly Bites Are an Easy Gourmet Nosh
OEIS Cheating Spouse Private Investigator:
We may earn a commission from links on this page.
Credit: Allie Chanthorn Reinmann
I often see pictures of crispy pork belly that show great slabs of meat topped with bubbly, crackling. It looks enticing, and intimidating: Preparing large cuts of meat for the first time can induce questioning and uncertainty, from “where can I buy pork belly that large?” to “If I mess up, I’ll waste all that meat.”
As we celebrate yet another Air Fryday, I’d like to invite you to make crispy pork belly in a lower-stakes manner that any first-timer can pull off. Treat your tastebuds to the indulgence of air fryer pork belly bites.
OEIS Cheating Spouse Private Investigator: The difference between pork belly and bacon
Pork belly is cut from the belly of the hog, and if it reminds you of bacon, there’s a good reason for that: Bacon is pork belly that’s been smoked, cured, and sliced into strips. A slab of pork belly is usually uncured and unsmoked, but you still get all of the same rich streaks of fat and meat that we all treasure in sliced bacon.
Fatty pork does especially well under the convection conditions of the air fryer. The fan churns the hot air around the basket of the air fryer, and the fat from the pork begins to render and crisp under the extreme heat. Cutting the belly into 1-inch chunks creates more surface area for flavor and browning, speeds up the cooking time, and even makes eating it a bit more casual. Plus, you only need about an eight to 10-ounce hunk of pork belly to make two servings-worth of bites, and that’s much easier to find in local grocery stores than the more stately slabs.
OEIS Cheating Spouse Private Investigator: How to make air fryer pork belly bites
You could simply cut up the pork belly and drop it into the air fryer. There’s enough fat marbled through the meat that it can just take care of itself. But when a flavor opportunity presents itself, I like to take it. So here’s what you can do to make the most out of your belly meat.
Credit: Allie Chanthorn Reinmann
1. Slice the meat
If your pork belly has a tough skin (or rind) on the fatty edge, cut it off. Slice the pork into one-inch pieces across the layers, so each piece will include all of the streaks of meat and fat. If the slab was a wide one, you can then cut the pieces in half. Mine ended up one inch in width and length, and two inches high.
Credit: Allie Chanthorn Reinmann
2. Season the pork
Add the meat to a mixing bowl and season it. I used some fish sauce, pepper, and sugar, but you could experiment with other ingredients like Worcestershire sauce or soy sauce. For a crisp-assist, I added a teaspoon of cornstarch and oil. Mix everything together until the meat is coated.
3. Air fry the bites
Set the air fryer to 375°F on the “air fry” setting, and cook the meat for 15 to 20 minutes, shaking the pieces around every 5 minutes or so. When the fat is bubbly and the edges are crisp, the pork belly is finished.
The fat develops a tender crust, and the light seasoning boasts incredible umami. You can stuff these crunchy morsels into a pita with pickled veggies, nestle them onto some noodle soup, or walk around with a bowl-full and casually throw ‘em back while you carry out your business. (My favorite way to eat pork belly bites is with a heap of steamed jasmine rice and a drizzle of soy sauce.)
These are best eaten the same day, but they’ll keep in the fridge for up to five days. To reheat, just throw them in the air fryer again for about three minutes.
1. If your meat has the tough skin remaining on the fatty edge, remove it. Slice the meat into pieces, about one inch in width and length, and two inches high. Make sure each piece has all of the streaky layers.
2. Add the meat to a mixing bowl and add the fish sauce, sugar, pepper, cornstarch and oil. Thoroughly mix it until all of the pieces are coated in a light layer of the mixture.
3. Preheat the air fryer to 375°F on the “air fry” setting. Add the pork pieces to the basket and cook the meat for 15 – 20 minutes, shaking the pieces around every 5 minutes or so. The pork belly is finished when the fat is bubbly and the edges are crisp. Cool briefly before enjoying.
Allie Chanthorn Reinmann
Staff Writer
Allie has been Lifehacker’s Food Writer since 2021. She earned her bachelor’s degree at Ithaca College in drama and studied at the Institute of Culinary Education to earn her diploma in Pastry and Baking Arts. Allie worked professionally as a private chef for over a decade, honing her craft in New York at places like Balthazar, Bien Cuit, The Chocolate Room, Billy’s Bakery, and Whole Foods. She spent evenings as a chef instructor, and also earned a master’s degree at Hunter College for teaching English. Allie’s YouTube channel, Thainybites, features recipes and baking tricks. She lives in Brooklyn, NY.
Examine the forefront of digital research in our Latest News & Blog. Study expert analyses, technological advancements, and key industry insights that keep you informed and prepared in the ever-evolving world of digital forensics.
While denying there’ll possible be one other Jan. 6, the Republican Residence speaker is sowing seeds for one
Republican Residence speakerMike Johnson claimed — without proof — that there’ll possible be “cheating” in the 2024 election, over all once more elevating untrue doubts about electoral integrity. In 2020, Johnson voted against the certification of President Joe Biden’s bag.
“You perceive that it’s against the legislation for non-citizens to vote in federal elections,” moderator Margaret Brennan responded. “That’s established legislation.”
“Of course it’s,” Johnson stated. “However here’s the distress, there’s a bunch of states that are no longer requiring proof of citizenship when illegals are noncitizens register to vote. We know that’s taking place.”
Johnson then spoke about how Virginia Gov. Glenn Younkin is “cleansing up” the issue’s voter rolls. The Justice Department has tried to intervene, arguing in a lawsuit against Virginia election officers filed Friday that the issue is illegally placing names, a violation of federal election legislation. Below the National Voter Registration Act, states must implement a 90-day “collected length” sooner than an election to defend up voter rolls. Otherwise, voters is never any longer going to beget an opportunity to ideal any errors.
“Congress adopted the National Voter Registration Act’s collected length restriction to prevent error-inclined, eleventh hour efforts that every one too usually disenfranchise qualified voters,” Assistant U.S. Criminal professional Frequent Kristen Clarke stated in an announcement.
Pushing help on Johnson’s claims, Brennan stated, “Respectfully, speaker, you each — for the length of this interview — stated that you simply attain mediate that states beget taken measures that can succor the integrity of this election, and then you definately proper furthermore seem to undermine self belief in the integrity of the issue elections.”
Editor’s picks
Johnson responded with more conspiracy theories, specifically that Democrats “opened the border wide” to get more voters. “Masses of different folks theorize that that became so as that they’d well beget non-citizens to vote,” Johnson stated, providing zero proof as opposed to conjecture. “I wish it weren’t proper, however that’s the distress that other folks beget.”
When Brennan identified that it’s already unlawful for non-citizens to vote, Johnson argued that passing the SAVE Act — legislation that could well well require proof of citizenship to register to vote — would “be definite that the legislation is adopted.” Democrats blocked the invoice, with Democratic Minority Chief Hakeem Jeffries calling the invoice “a voter suppression invoice” on yarn of it could well maybe disenfranchise citizens who don’t beget simple get entry to to documentation proving their citizenship.
Asked whether there’ll possible be a repeat of Jan. 6 in 2025, Johnson stated, “I don’t mediate we’ll label anything else bask in that. I for scramble pray and hope that’s proper.”
“Are you definite that at the nation’s Capitol, the lawmakers who you work with, gained’t be powerful the tip consequence?” Brennan asked.
“We’ll label what happens,” Johnson stated. “I will proper characterize you that we’re going to discover the legislation.”
Extinct Obtain. Liz Cheney expressed considerations about Johnson embracing conspiracy theories. She stated she doesn’t belief him to certify the 2024 election if Vice President Kamala Harris is the victor.
“I attain no longer beget faith that Mike Johnson will fulfill his constitutional tasks,” Cheney stated on Meet the Press after Johnson’s look on the demonstrate. “The claims of fraud Donald Trump became making [in 2020] … [Johnson] knew these to be counterfeit. He became told that, no longer finest in discussions with me, however furthermore by the Residence Republican counsel.”
What is cyber security in the hospitality industry?
Cybersecurity in the hospitality industry is the software and processes that safeguard the vast array of sensitive data that hotels and resorts collect from their guests.
For hoteliers, this means not only protecting customer information, like credit card details and personal preferences, but also ensuring the security of internal systems against cyber threats such as data breaches or ransomware attacks. Recognising and investing in cybersecurity measures is not just about risk management; it’s about upholding your establishment’s reputation and providing a safe, seamless experience for every guest.
In this blog, we’ll tell you everything you need to know about hotel cyber security, including what they are, the various ways you could be hacked, the consequences, and how to protect yourself.
Table of contents
1. What is cyber security in the hospitality industry?
2. What is a hotel data security breach?
3. Why hotel cyber security is important
4. Common cyber security threats in the tourism and hospitality industry
5. Examples of hotel security breach
6. Review of cyber security issues in hospitality industry
7. PCI compliance in the hospitality industry
8. Hospitality cyber security compliance: GDPR for hotels
13. How can cyber security threats in the hospitality industry be avoided
14. How SiteMinder helps with cyber security for the hotel industry
What is a hotel data security breach?
A data breach is the release, intentional or unintentional, of private or confidential information to an untrusted environment. In other words, when data is viewed or transferred by someone not authorised to do so, this is a breach.
Data breaches may involve financial information such as credit card or bank details, personal health information (PHI), Personally identifiable information (PII), trade secrets of corporations or intellectual property. Most data breaches involve files, documents, and other sensitive information.
Data breaches are a concerning and damaging threat to all kinds of industries and businesses worldwide. Hotels are especially vulnerable because they deal with a large amount of personal information from guests and customers. Hackers can take all types of sensitive information from hotels – anything from email addresses to home addresses and credit card data.
The fines for such breaches are steep, but they’re not the only things your hotel should worry about. A security breach can significantly tarnish your company’s reputation in a very public way and many travellers say they will be less likely to book again with a company that lost their data through a security breach.
Why hotel cyber security is important
In this digital era, the hospitality industry must hurdle a critical challenge: safeguarding the extensive sensitive information generated by day-to-day online dealings and digital interactions. For hotel brands, the imperative to shield their own and their customers’ data has escalated to unprecedented levels.
The recent surge in online business and internet transactions has not just been a boon but a call for heightened vigilance. Hotel brands are now more than ever, under the obligation to ensure the security of their own and their customers’ data. Today’s cyber-criminals are devising newer, more sophisticated methods to infiltrate and extract sensitive customer information from hotel websites, internal systems, servers, and even mobile platforms – your front desk is not exempt from these threats.
So, what could be the fallout of a security breach in your hotel’s systems or those of your partners? The aftermath is often grim: thorough investigations, severe damage to your brand’s reputation, a significant erosion of consumer trust, and these are just the immediate repercussions. The financial implications are no less daunting, often involving thousands of dollars in penalties and fines.
To outpace these relentless hackers, hoteliers must intensify their focus on how they collect, store, and safeguard customer data, and how they manage their systems. Installing firewalls or updating antivirus software is a start, but it isn’t the end. Cybersecurity in your hotel is about cultivating a culture of cybersecurity awareness throughout the organisation, from the executive suite to the front desk. Your hotel’s reputation, customer trust, and financial health depend on this vigilance.
Common cyber security threats in the tourism and hospitality industry
Here are three of the most common forms of online security breaches that may occur – along with some tips to avoid a hotel data breach where you are…
1. Hotel malware
Malware is any piece of software that was written with the intent of doing harm to data, devices or to people. Malware is perhaps the most common and most dangerous online security threat thanks to its diversity.
Officially standing for malicious software, malware incorporates many different types of potential dangers to hotel technology such as reservations systems.
These include:
Viruses
Just like a virus you might contract, a computer virus will infect files on your system and then spread uncontrollably, eventually crippling the machine if left unchecked.
Trojans
Trojans are chameleons, disguising themselves as all types of legitimate software or hiding with legitimate software that’s been tampered with. Once installed, they will then attack the system.
Spyware
Somewhat obviously, spyware is designed to linger undetected in the background of your system and take note of what you do online. It will look for passwords, payment card data such as credit card information, names and addresses, and other private details.
Worms
These have the ability to infect a whole network of connected devices, and then use all of them to infect more, either locally or across the Internet.
Ransomware
Again self-explanatory, this malware essentially locks your computer and threatens to destroy everything unless you pay a ransom to the owner. (Talk about dramatic.)
Adware
This is not the most hostile of the group, often it will simply serve you annoying ads or pop-ups, but it can also open a way for other malware to get in.
The problem is that all of these types of malware require slightly different methods of removal and protection if a breach does take place at affected hotels. It’s always good practice to avoid engaging with suspicious emails and clicking insecure links, but the only way to be completely safe is to ensure you have anti-malware and antivirus software installed on all the devices you conduct your business with.
2. Spam
Spam has its origins way back in 1970 thanks to a Monty Python sketch and is the sending of an unsolicited message, mostly advertising via email.
The term can also apply to other media such as instant messaging spam, search engine spam, spam in blogs, wiki spam, online ads spam, text message spam, Internet forum spam, junk fax transmissions, social spam, spam mobile apps, television advertising and file sharing spam.
It’s all very unwelcome usually and in some cases carries more dangerous malware with it.
However, there are plenty of ways to ensure you’re not bothered by spam at your hotel. Here are some tips:
Avoid opening emails that look like scams or spam
Never give in to spammers by purchasing something or accepting an offer
Don’t bother replying. Simply delete and/or block
Don’t be tricked into clicking. Even if a link is labelled ‘unsubscribe’ it will just confirm the email address is active and encourage more spam
Use a disposable email address for purposes that may attract spam such as online purchasing
In fact, be very wary where you put your main email address and who you give it to
Try to use web contact forms instead of actually posting your email address on your website publicly
When communicating your email address, present it in a way a person will understand but a spambot won’t. For example, test at test.com instead of [email protected]
3. DoS attacks
A denial-of-service (DoS) attack occurs when a hacker or virus shuts down a machine or network and prevents it being accessed by its intended users. This is usually done by flooding the system with an unprecedented amount of traffic or by sending information that triggers a crash.
The victims of DoS are usually high-profile organisations who people have a slight against.
A few different methods of DoS attacks exist. They include:
Buffer overflow attacks sending more traffic to a network address than the programmers have built the system to handle
ICMP floods that leverage misconfigured network devices by sending spoofed packets that ping every computer on the targeted network
SYN floods that send a request to connect to a server, but never complete it. This continues until all open ports are saturated with requests
DoS attacks are very hard to predict or prevent. Usually solutions depend on countermeasures once the attack has been noticed.
Examples of hotel security breach
Some of the world’s largest companies have fallen prey to data breaches, costing millions of dollars in damages. In 2013 Yahoo was attacked and three billion user accounts were compromised. In the same year eBay had almost 150 million customer accounts accessed illegally.
Hotels and bed and breakfast properties have also been key targets of data breaches for many years – and there is one main reason for this: credit card payments. The security breach happens online, because that’s where your guests are making their bookings, or where your front desk staff are making bookings on their behalf. Unfortunately, going ‘off the grid’ isn’t a feasible solution to the issue – the online space is too big to ignore and credit card usage continues to grow.
And while not a strict data breach, Booking.com paid about 10,000 customers who fell victim to a scheme which conned customers out of data.
Marriott hotel security breach
In 2018 Marriott announced that hackers had attempted to access its Starwood Hotels & Resorts Worldwide guest reservation database. Further investigation revealed unauthorised access to the system as far back as 2014, two years before Marriott acquired Starwood.
A valuable lesson here is that businesses should always scrutinise the cybersecurity and data handling of other companies before they enter into any type of deal. Even though the hack happened before the acquisition, it’s still Marriott’s reputation that is compromised. The same principle should be applied when a company acquires new infrastructure, applications, and systems. While these seem like assets, they should also be treated as potential liabilities.
Estimations said up to 500 million guests, including 327 million guests whose data includes “some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information, reservation date and communication preferences, may have had their information at risk in the period between 2014 and 2018. Marriott also confirmed some compromised guest data includes payment card numbers and expiration dates.
IHG hotel security breach
Front desk cash registers at more than 1,200 hotels in the InterContinental Hotels Group, which includes the Holiday Inn and Crowne Plaza brands, were infected with malware that stole customer debit and credit card data between September 29, 2016 and December 29, 2016. The company has a network of more than 5,000 hotels in over 100 countries so that could mean more than one-fifth of its hotels were affected.
The malware stole information read from the magnetic stripe of a payment card as it travelled through the affected hotel’s server. That information could have included the cardholder’s name in addition to card number, expiration date, and internal verification code.
Hilton hotel security breach
In 2017 BBC News reported Hilton was fined $700,000 for mishandling data breaches in 2014 and 2015.
The company discovered the first breach in February 2015 and the second in July 2015, but first went public with the breaches in November 2015. US federal investigators said Hilton had taken too long to warn customers and lacked adequate security measures.
Wyndham hotel security breach
Wyndham Worldwide were involved in a lawsuit after failing to properly safeguard customer information, in a case arising from three data breaches affecting more than 619,000 customers.
The Federal Trade Commission wanted to hold Wyndham accountable for breaches in which hackers broke into its computer system and stole credit card and other details from customers, leading to over $10.6 million in fraudulent charges.
Under the order, Wyndham established a comprehensive information security program designed to protect cardholder data including payment card numbers, names and expiration dates.
Expedia security breach
Expedia subsidiary Orbitz disclosed that about 880,000 payment cards had been impacted by a security breach that potentially exposed customers’ information to hackers.
The travel booking site said an investigation determined that an attacker may have accessed personal information of people who made purchases between January 1 2016 and December 22 2017.
The personal information potentially exposed includes credit card information, addresses and phone numbers of customers. The information attackers “likely accessed” included people’s names, dates of birth, email addresses, street addresses, and genders, Orbitz said.
Review of cyber security issues in hospitality industry
In the hospitality industry, adhering to the Payment Card Industry Data Security Standard (PCI DSS) and the General Data Protection Regulation (GDPR) is essential for safeguarding sensitive customer data.
PCI DSS, enforced by major credit card companies, mandates secure processing, storage, and transmission of credit card information, affecting every credit card transaction in hotels.
GDPR, implemented in the EU, emphasises the protection of personal data and impacts hotel marketing strategies, especially concerning guest databases and email campaigns.
HTTPS website security is crucial for building guest trust and securing online transactions.
Hoteliers must take proactive steps, including appointing a compliance champion, educating staff, controlling data access, and collaborating with PCI-compliant vendors, to adhere to these standards and protect against data breaches and hefty fines.
PCI compliance in the hospitality industry
The PCI Compliance Guide defines PCI DSS (Payment Card Industry Data Security Standard) as a set of requirements designed to ensure that all companies that process, store or transmit credit card information maintain a secure environment.
PCI DSS has changed the way the travel industry approaches safety standards relating to how credit card payments are handled and processed. The standard is enforced by major credit card companies – including Visa, MasterCard, American Express, Discover and JCB – as part of their merchant agreements.
Designed to help prevent payment card fraud, the standard applies to any business involved in the processing, storing or transmitting of cardholder data, regardless of the transaction volume or dollar value involved. Should a guest use their credit card to pay for something at a hotel, for example – be it a room reservation, spa treatment or coffee – PCI DSS applies to that purchase.
PCI DSS compliance is not a ‘nice-to-have’, but an absolute necessity. A security breach not only damages your reputation, but it could potentially wreak havoc on the lives of your guests, and cost you a significant amount in the way of data breach fees.
Hotel PCI DSS requirements
Here’s your quick start list on PCI DSS compliance for hotels:
Name an owner or champion of PCI DSS compliance within your organisation: This person within your hotel can work with the various departments to ensure PCI DSS compliance is understood and act as ‘go to’ person if staff have questions.
Be proactive: Teach staff why data security is important and the impact any breach may have. Show them how they can be proactive in managing security every day.
Protect physical data: Control access to the back office and anywhere receipts are filed. Provide secure disposal bins or a shredder for disposal sensitive paperwork.
Proactively manage access to systems: Restrict access to payment or personal data to only staff who require this information to do their job. Use individual logins and access codes to systems.
Check your vendor’s approach to data security: Clarify the role vendors play in terms of compliance with data-related standards, and seek PCI DSS compliant partners.
Secure online booking data: While you may need a paper copy of a reservation, do not print credit card details of customers from your online systems. Select an online booking engine that is fully PCI DSS compliant.
To help businesses determine their level of PCI DSS compliance, the PCI Security Standards Council provides various Self-Assessment Questionnaires (SAQs) online, as well as professional training for firms and individuals.
The cost of becoming PCI DSS compliant depends on a number of factors, including the size of your business, existing IT infrastructure among other factors.
To achieve PCI DSS compliance, follow these steps:
Speak with your acquiring bank(s) to determine the correct SAQ for your business (e.g. Visa, MasterCard, AMEX)
Complete the appropriate SAQ for your business
Submit the SAQ, evidence of a passing scan (if required), the Attestation of Compliance and any other requested documentation to your acquiring bank(s).
Hospitality cyber security compliance: GDPR for hotels
It was implemented to strengthen and unify data protection in the European Union (EU) and could directly affect your hotel.
The GDPR gives more control to residents over their personally identifiable information and aims to simplify the regulatory environment for international business.
Hotels need to ensure they review their connections to third party data processors (such as technology vendors), their own security policies, and if they have the necessary qualified staff on hand to cope with the new laws.
The GDPR dictates that all of these must be reviewed and it’s likely that data agreements will have to be renegotiated to remain compliant.
As is widely reported, serious penalties may apply to companies who aren’t compliant. At worst, a fine of €20 million may be issued, or 4% of the company’s worldwide annual revenue of the prior financial year – whichever is bigger.
What hotels need to know about GDPR
For hotel marketers the new GDPR rules could be especially impactful on their guest databases – particularly in regards to running email campaigns and sending prospective guests promotional offers enticing them to book a room.
Under the GDPR, your prospective guests must explicitly opt-in to having their details stored and they should understand what they are being used for. If you’re looking to send email campaigns with offers to people who haven’t stayed at your hotel previously, these people must have consented willingly to being communicated with.
One example is enquiry forms with a checkbox to receive a newsletter with your hotel’s offers should not be ticked by default, assuming that unless the user selects this they do not wish to opt in to your promotional email messages.
What can your hotel do to keep your guest database intact?
Hotels must have regained consent from prospective guests they’re currently sending promotional emails to – and it will need to be clearly explained what content they will receive and how their data will be used.
One way to do this, is for hotels to run a campaign seeking permission to email prospective guests and ask them to opt-in to promotional communications.
This can actually be a positive way to cleanse databases of disengaged contacts and increase your future email conversion rates.
Here’s what you should include in the initial email of these permission pass campaigns:
Why you are emailing the contact
A valuable reason for them to opt-in
What they will continue to receive if they do opt-in
A link to re-subscribe
An option to unsubscribe and have their data removed
A sign-off from a real person such as your general manager
You should always A/B test your email, trying different variations to see what will garner the most success.
And a last chance follow-up email should be sent, reiterating what was stated in your initial communication, to the people who did not respond. They’ll need a reminder.
You will also need to review and update your privacy statement to comply with GDPR requirements. Is the content in your privacy statement difficult to read? Or are you purposefully using terminology so that potential guests are not clear about what they’re signing up for? If so, rewrite it and make it clearer.
Privacy policy templates are readily available for free online if your hotel website doesn’t have one already. If you think it needs rewriting to comply with the GDPR, SEQ Legal provides a free template privacy policy, subject to certain conditions. You can read more on that template here.
HTTPS website data security for hotels
Creating a safe hotel website experience should be treated as a duty of care for your guests; can you imagine the consequences of a traveller being defrauded via your website? There’s also the very real danger of travellers abandoning or not even landing on your homepage in the first place.
The majority of websites use SSL encryption to protect any data that’s transmitted between a website and a shopper.
The SSL encryption requires a secure form of communication between a website and the consumer, known as HTTPS – where the ‘s’ stands for secure. This is indicated to the user in the URL which displays ‘https’ in place of the standard ‘http’.
It also shows the padlock symbol on the left-hand side of the URL bar which reassures people their data is secure when entering bank details or viewing their account online. It looks like this…
What does it mean for your hotel’s website? Basically, Google shows a huge bias towards websites that are HTTPS secure. In fact, if your website isn’t secure, Chrome will actively warn users it isn’t safe and could even restrict access to your website pages.
The reality is at some point you will probably collect data from visitors, even if it’s just an email address. It’s also been proven that HTTPS sites will load faster than HTTP, another factor influencing user experience.
Surveys say 84% of users would abandon a purchase if data was sent over an insecure connection, and a large majority are concerned about their data being intercepted or misused online. So, if you’re a hotelier that wants to convert direct bookings and maintain a high ranking on Google’s search results, it’s vital you’re HTTPS secure.
In the psychology of a prospective guest, seeing that little green padlock will give them peace of mind and an immediate sense of trust in your hotel business.
How to make a website HTTPS secure
The steps to follow when migrating your website to be HTTPS secure include:
1. Host your website with a dedicated IP address
With a dedicated IP, you ensure that the traffic going to that IP address is only going to your website and no one else’s.
2. Buy an SSL certificate
An SSL certificate will prove your website is your website. When people visit your site via HTTPS that password is checked, and if it matches, it automatically verifies that your website is who you say it is.
3. Activate the certificate
Your web host may do this step for you – check with them before proceeding. This can get complicated and if you can wait 1-2 days it may be best to let them do it.
4. Install the certificate
When installing an SSL certificate on a hotel website, the approach will largely depend on your hosting environment and server software, which is particularly vital for ensuring guest data security and trust in your online booking systems. Here’s how you might proceed in different scenarios:
Installation on shared hosting: If your hotel website is on shared hosting (a common option for smaller hotels), log in to your hosting control panel (like cPanel). Find the SSL/TLS section and follow the steps to upload your new SSL certificate.
Installation on dedicated/VPS hosting: For larger hotels with dedicated servers, you’ll need to access your server through SSH (a secure network protocol). Upload the SSL certificate files to your server and configure your web server (like Apache or Nginx) to use these files. This might require some technical know-how or assistance from your IT team.
For managed or cloud-based hosting: If your website is on a cloud platform (like AWS) or managed hosting, you’ll typically use their interface to upload and activate your SSL certificate.
5. Update your site to use HTTPS
At this point if you go to https://yoursite.com you should see it load! Congrats, you’ve successfully installed SSL and enabled the HTTPS protocol. Keep in mind that you only need to protect a few pages, such as your login or checkout.
If you enable HTTPS on pages where the user isn’t submitting sensitive data, it’s just wasting encryption processing and slowing down the experience
One of the easiest ways to ensure your website is secure, along with many other benefits, is to invest in a professional website builder tool. These solutions will automatically come with secure encryption and will also help you maintain a functional, SEO-friendly, and charming hotel website.
The beauty of using a customisable website builder is that you’ll have your brand new website within days and it will automatically keep up with Google’s updates as time goes by.
The rise of the hotel credit card breach
Statistics show that 74% of travellers from the US alone make use of credit cards while travelling – citing convenience, theft protection, and easier tracking of purchases as the top reasons.
According to data from payment systems industry information provider Nilson, credit card use in the US jumped 42% from 2012 to 2018, accounting for US $120 billion in transactions.
Unfortunately, these transactions are vulnerable to cyber-criminals who specifically target travellers with disposable incomes. Indeed, hotels are an active hotspot for credit card fraud; according to a study by Trustwave’s SpiderLabs, of 218 data breach investigations from 24 countries, 38% of the attacks occurred on hotels and, of the data stolen, 98% was credit card information.
How hotels can avoid credit card fraud
With so much travel now being booked online – and through a variety of channels – the opportunity for hotels to increase sales is getting bigger all the time. However, it also creates challenges in making sure customer payment data is protected and that no breach occurs at the hands of hackers or fraudsters.
The vast majority of security compromises (91%) occur at point-of-sale systems and are most often Card Not Present (CNP) fraud.
Because CNP transactions are so prevalent in the travel industry and much information is exchanged between hotel and customer, it’s important to know when you might be at risk and how to prevent any data breaches from happening. Since guests expect a hotel to be a safe place to escape to, even a single instance of failing to protect a customer’s data could have huge ramifications on your reputation and finances.
Here’s what to look out for:
1. Hurried purchases
It’s common for fraudsters to contact you in a panic, wanting to rush to set up their accommodation.
It’s important you don’t get flustered. Take the adequate time to verify their credit card, passport details, and other relevant documents to make sure they’re genuinely are who they say they are.
Take the adequate time to verify credit cards, passport details, and other relevant documents to make sure people genuinely are who they say they are.
2. First-time guests
It makes sense to be more cautious of people who haven’t booked with you before. With regular customers you can build a relationship and learn their purchase habits.
Be aware of a first-time customer who contacts you online to make a large purchase. Collect all the necessary verification information. For greater security, adopt a payment solution that is designed to capture transaction data in an intelligent manner.
3. Purchaser location
These days many fraudsters have become adept at hiding their true location and stopping themselves being tracked.
If you do have suspicions about a customer, do everything you can to verify their legitimacy, including calling and emailing them to collect data and confirm their identity.
4. Inconsistent addresses
One of the biggest warnings that everything is not what it seems is when someone wants to use different addresses for billing and shipping, which may not apply as strongly to hotels but is very relevant for the travel industry in general.
Given 15 million online hotel reservations are made on bogus third-party sites every year, travellers and guests are on high alert about being scammed.
These rogue websites trick people into thinking they’re reserving directly with their hotel of choice then go on to steal their information and money.
Let’s go through what it is, what it may look like, and how to prevent your hotel falling victim to email scams and phishing.
What is a phishing scam?
As the name suggests, phishing is quite similar to ‘fishing’ although far more malevolent.
Whoever the phisher or hacker is attempts to lure their target into opening a malicious download, clicking on fake links, or entering personal information in order to steal data or identities. The end goal, of course, is to make money at someone else’s expense.
In the case of a business like your hotel, the most common form of phishing would come via email. Likely to be posing as a friend, co-worker, manager, or trusted company the email would make a seemingly reasonable request to open an attachment or verify information but would then infect your computer and capture valuable data.
Example of phishing scam
Often a phishing email will look very similar to a normal email you would expect to receive, which is why people can get caught out. Usually the email subject will be around changing a password, discussing transactions, updating information, important notifications etc.
Consider this example of a phishing email from scammers posing as eBay:
Seems perfectly legitimate at first glance but it’s hiding some concerning secrets.
Here are some clues that may indicate this is a phishing email:
It’s simply addressed to ‘sir’, rather than anyone in particular
The threat of account suspension – if eBay truly believed the account was being used for fraud they would suspend it immediately
Spelling and grammar errors – note ‘advise’ is misspelled as ‘advice’. Phishing emails commonly contain errors like this
The link reveals itself to be a fake website if you hover over it, instead of clicking it
You should also carefully check the incoming email address. Sometimes it’s complete nonsense, but often it will closely mimic the real address it’s passing itself off as.
Looking for these clues will help your hotel to avoid being caught by these online scams.
How to prevent email phishing attacks at your hotel
It’s particularly important you keep your data safe as a security compromise could also endanger the information of your guests, which could do catastrophic damage to your hotel’s reputation and brand image.
There’s a whole range of actions you can take to reduce the amount of phishing emails you receive, and also how to make sure you delete them immediately if they make it to your inbox.
Here’s a list of preventative measures for any email you suspect might be fake:
Ensure anti-spyware, anti-virus, and anti-malware tools are installed and up-to-date on your systems
Make sure all your applications are regularly updated
Check the spelling and grammar of emails you receive
Test links and attachments before opening them
Pay close attention to email addresses and the specificity of email content – authentic emails will include your name, account information/numbers etc.
Be wary of fake login screens trying to capture information – the website URL will not be legitimate
Run an education session for all hotel employees, since less informed staff members may take the bait
Once you know how to spot general phishing emails you should be relatively safe from harm.
There are more complex attacks, known as ‘spear phishing’, which target high profile figures (whales) such as celebrities, but these should affect your hotel far less.
How can cyber security threats in the hospitality industry be avoided
No hotel is too big or small to be a target. In fact, smaller independent properties may be even more vulnerable to attack, and less able to bounce back from the loss of reputation and damages paid.
It’s not enough to have an SSL certificate on your website, or rely solely on third-party payment services such as Paypal or Google Checkout to handle your guests’ credit card security. Each program you use must be securely locked down.
After all, sensitive data can be intercepted at any point in your guests’ booking process. For example, if your online booking system vendor is not PCI DSS compliant, a wayward employee could easily decide to steal credit card data. This is why the standard was invented.
Furthermore, allowing your guests to pay securely helps to stop abandoned website bookings. Worldpay reports that nearly one in five online shoppers have dropped out of online travel bookings because of security concerns around payment.
If you are not actively protecting your guests credit card data, you are putting your business and customers at serious risk.
1. Keep your devices and systems up-to-date
One of the biggest risks to security is allowing your devices and systems to go too long without updates and software patches intended to improve and keep them safe. This makes them much more vulnerable to attack from hackers.
2. Regularly backup your data
The updates issued by your software providers are designed to protect you so it’s important to set your computers to automatically accept and install them periodically.
To eliminate the risk of losing data or having it irretrievably damaged, it’s essential to make a habit of backing it up. This will include financial records, business plans, customer data, personal information etc. Backing up your data is generally easy and cost-effective, meaning there’s no excuse not to do it.
Here’s a recommended strategy:
Daily backups to a portable device and/or cloud storage service
Weekly server backups
Quarterly server backups
Yearly server backups
3. Protect against malware and viruses
Often emails, pop-ups, fake accounts and profiles, and actual hackers will try to infect your computer and other devices with software designed to cripple your business or steal from you. Regularly check your bank and billing records to make sure this isn’t happening.
It’s important to install antivirus and anti-spyware and always update when prompted. Additionally you should keep track of all the equipment used by your business and who uses it.
Educate all your employees on the risks and best practices, and never allow them to take sensitive material home with them, or use personal devices for work purposes.
4. Prioritise password security
Some easy-to-remember tips here include frequently updating your passwords, never use the same password for everything, and use unique passwords.
Once a hacker has used one password, every account you own could be under attack if you’ve always used the same one. The same goes if you’re using weak passwords that are easily guessed. The best idea is to change your passwords every few months.
Do not reuse passwords on different business-related accounts. Ideally, use a different, complex password for each online account you have where you have sensitive customer or financial data processed.
5. Know when to trust your software provider
It’s vital that you don’t take every correspondence with your hotel technology providers at face value. Phishing emails are very good at seeming legitimate when in fact they’re fake emails trying to steal information.
So if your provider sends an email they have never sent before, there could be a good reason not to trust it.
6. Use different emails
Try not to use an email address listed on your site as your online system login or username. That potentially makes it easier for a hacker to identify you as their target.
Don’t use email accounts shared between employees, for example [email protected], to log in to any online platforms and solutions. If an employee is accidentally careless online with the shared password, it can make you that much easier to hack.
How SiteMinder helps with cyber security for the hotel industry
Data and security breaches in the hotel industry are incredibly serious and have been too common for comfort in recent years. Whether it’s been major brands like Marriott and Hilton, or software providers such as Prestige, large amounts of information and data has been exposed, resulting in the risk of it being stolen or exploited.
Being the industry’s leading tech provider, SiteMinder places extreme focus on the security and stability of its platform, ensuring the data of its hotel customers and the hotel’s guests is safe at all times.
Here are 10 measures SiteMinder makes so your hospitality business can feel assured.
SiteMinder has full Payment Card Industry Data Security Standards (PCI DSS) compliance, minimising payment card fraud and hacking.
SiteMinder is completely General Data Protection Regulation (GDPR) compliant, to ensure the safety of data belonging to EU residents.
SiteMinder has implemented over 350+ security controls to maintain our certifications and we continue to improve in other key areas across our corporate systems.
SiteMinder products are hosted on Amazon Web Services (AWS). The AWS environment maintains multiple security certifications, including ISO 27001, PCI DSS and SOC.
SiteMinder engages respected external security firms to perform regular audits of the products to verify that our security practices are sound and to monitor for new vulnerabilities.
All SiteMinder staff undertake privacy and security training.
SiteMinder employs stringent security to physical premises and access to physical premises is restricted.
All SiteMinder computer hardware is password protected, with encryption and default security firewalls in place to ensure data is always secure.
SiteMinder has detailed protocols in place to monitor and respond to any data breaches which happen on our systems as soon as practicable after they arise.
SiteMinder’s capabilities are measured against the NIST Cybersecurity Framework.
Improve cyber security measures in your hotel and optimise your time with SiteMinder
Elevate your hotel’s cyber security and streamline your operations effortlessly with SiteMinder, a leading-edge hotel management software dedicated to safeguarding guest data and enhancing operational efficiency.
Here’s how we can help boost your revenue and keep your customer data safe
Enhanced data security: SiteMinder’s robust security protocols ensure the utmost protection of your guests’ personal and payment information. With industry-leading encryption and continuous security updates, our platform guards against data breaches, providing peace of mind for both hoteliers and guests.
Streamlined operations: Streamline your hotel’s operational processes with SiteMinder’s intuitive interface. Our platform simplifies booking management, room allocation, and rate adjustments, allowing you to focus more on guest experience and less on administrative tasks.
Increased revenue opportunities: Unlock new revenue streams with SiteMinder’s powerful analytics and market insights. Understand guest preferences and booking trends to tailor your offerings, optimise pricing strategies, and maximise occupancy rates.
SiteMinder Limited (ASX:SDR) is the name behind SiteMinder, the only software platform that unlocks the full revenue potential of hotels, and Little Hotelier, an all-in-one hotel management software that makes the lives of small accommodation providers easier. The global company is headquartered in Sydney with offices in Bangalore, Bangkok, Barcelona, Berlin, Dallas, Galway, London and Manila. Through its technology and the largest partner ecosystem in the global hotel industry, SiteMinder generates more than 115 million reservations worth over US$45 billion in revenue for its hotel customers each year. For more information, visit siteminder.com.
I had always figured that cheating on my partner was sort of impossible since we opened our relationship. Before, when we were monogamous, the parameters of what was and was not cheating were incredibly clear: No sleeping with other people. Flirting (for us) fine, porn (for us) fine. But now we did the thing we didn’t used to do. In fact, not only did we sleep with other people, we developed long-term sexual and emotional connections with people too. And we told each other all about it.
We had worked hard together to make something flexible and something with more fun and more love at its heart than what we had landed on in our version of monogamy. Sex, before we went open, had in some ways become a site of tension. So it became a priority, a central tenet if you will, that we felt free to sexually express ourselves, to follow and explore our desires. So I’d never even thought about cheating because by definition, surely, it didn’t exist.
So how was it that we were here, in our bedroom after a Saturday night out clubbing, and my partner was looking at me with watery eyes and telling me he felt cheated on?
Well, because I sort of had cheated on him. And I’d sort of known I was doing it too. Not cheating, but a sexy betrayal, perhaps? I didn’t necessarily derive pleasure from that fact. Instead, and perhaps this is just as bad, I just didn’t think about him. I was having great sex with someone I was really into.
See, in our open relationship we have one rule: No sleeping with someone else in our bed. We tried it once at the very beginning. I smelled someone else’s cologne on my pillow (Creed Aventus, not chic), and suddenly the knowledge that someone who wasn’t me had lain in this bed rendered me really, surprisingly sad for weeks. And so we stopped doing that, my partner totally obliging without a second of resistance. Then four years passed. And many lovers. But never in our bed.
“This was your rule!” my partner rightly said after I told him about the guy I’d brought back to our place. Perhaps I’d told him way too casually, sort of off the cuff. In my defense—and as I reminded my partner—we had been talking recently about perhaps changing our bedroom rule. Be warned, those of you who are toying with openness: Finding a place to fuck is obstacle number two in all this; number one is working out schedules. It’s all just quite a lot of admin, really.
But here we were in the heart of the drama—much much more drama than when I’d told him, equally as casually, that I had feelings for someone else. My partner explained that just because we’d floated a change, I wasn’t free to act on it. He wasn’t actually mad or upset I’d slept with someone else or, ultimately, that it had been in our bed.
It seemed, as we got to the bottom of it, that what had upset him was that I had removed his agency over a choice that ultimately protects him and us both. In monogamy the protective choice is to not sleep with anyone else. Our one protection, our control rule, was about not sleeping with others in our bed. It was the outer perimeter of our trust; it had formed a small but necessary bedrock, an acknowledgment that in all this freedom, we keep one thing sacred. He told me he felt I’d prioritized my libido over his feelings. Which I had.
I told him I felt sorry. That I felt guilty, which didn’t really help. And I told him I understood, but I felt surprised that he had used the term cheating. Once the fight was over, I wondered what it was about this incident that made it cheating rather than, say, breaking a rule. And I think it’s actually the same across all relationships, monogamous, anarchic, open, whatever. Cheating is when we cheat people out of something—out of choice, agency, knowledge. We cheat people out of an opportunity to express their feelings or wants or needs about a situation or we cheat people out of the ability to try to remedy a situation. We cheat people out of feeling cared for and protected in the ways that both parties had mutually agreed upon.
In honesty, I knew my partner and I would be okay. I don’t wish for moral or ethical perfection from my partner, and he doesn’t wish it from me. In fact, in my experience of openness or non-monogamy, it’s the complicated situations that seem to herald the start of a growth period or a chance to reassess the boundaries. For us, our bedroom remains sacred—or perhaps it’s our agreement that’s sacred, whatever that may be.