The hospitality industry went through a massive shift during the pandemic. This period forced many players in the industry who boasted of excellent service and personalized touches to their services to migrate these services to the digital space. Hotels, restaurants, and travel agencies collect a lot of data that can be analysed to understand their current market and predict the nature of the business.
Customers should be assured of the privacy and security of their data. According to the Kenya National Cybersecurity Strategy published in 2022, the number of cybersecurity threats has been increasing. It was noted that 143,036,010 more cyber threats were detected in July-September 2021 compared to the same period in 2017.
As the country still grapples with the effects of the latest cyber-attack on government services, it is important that companies in Kenya ensure that they can protect their data, especially those who adopt the use of digital technologies in their businesses.
Data is important in all businesses. However, it is crucial that those giving you their personal data are aware of the ways their data will be used. For example, when making a reservation, one may be required to submit their name, contact details and available times, which helps the hotel to reach out and confirm availability on their reservation.
Guests should also be notified if they will receive a survey afterwards and given the option to opt in or out. When guests participate voluntarily in surveys, they will be more likely to give honest feedback. Companies that are transparent about the information they gather, give customers control of their personal data and offer fair value in return for it, tend to be trusted more by consumers.
The Liquid C2 Cyber Security Report 2022 of research carried out in Kenya, South Africa and Zambia found that the most significant impact a security breach would have on a business is financial. Interpol’s African Cybersecurity Assessment published in 2021 recorded that South Africa, Kenya, Egypt, Nigeria, Rwanda and Ethiopia had about 2 million phishing attempts in 2020 detected by Interpol’s private partner, Kaspersky.
This shows that data breaches can severely affect businesses and industries and the cost of recovering lost data is also immense. With rapid advancements in technology and the growing dependence on digital systems, the hospitality sector, just like other sectors, must prioritise cybersecurity and safeguard its operations against cyberattacks, system failures and software glitches.
Failure to address potential digital vulnerabilities can result in unprecedented downtime, lost revenue, compromised customer trust, and a damaged reputation.
The hospitality industry stores customer information and financial records, which can be targeted by cybercriminals. It is therefore important that systems are backed up regularly to enable swift retrieval in case of data breaches.
Additionally, they should also compartmentalise their Wi-Fi networks to separate the network used by guests and the one used internally to run the business. Businesses should conduct cybersecurity tests regularly to identify weaknesses in their systems and instal anti-malware and firewalls to keep off spam and phishing attacks.
In today's digital world, online payment processing has become an essential part of doing business. Investing in a reliable digital landscape will boost operational continuity in the hospitality sector, which in turn increases customer satisfaction. With the rise of digital transactions, understanding the importance of security in online payment processing is key.
Most people nowadays prefer to pay for services using M-Pesa or bank transfers. Hotels and restaurants have consequently installed point-of-sale systems and digital payment systems to facilitate this. However, while this may offer customers convenience and ease their payment, players in the hospitality sector should ensure that they use systems from certified and reliable service providers.
These providers should have a stellar reputation for following industry-standard security protocols and protecting customers' sensitive information. This will ensure the security of customers’ data while making digital payments.
In Kenya, the Data Protection Act 2019 and Data Protection Regulations 2021 inform how data can be used and protected. All players within the hospitality industry in Kenya are also expected to follow these rules. This includes encryption of payment card information and implementing cybersecurity measures to mitigate data breaches.
Companies should not share customer data across borders. Employees in the sector should also be trained to ensure data and cybersecurity. While processing data of international persons, certain bodies like the European Union also stipulate rules to be followed when handling their data. They use the General Data Protection Regulation as a standard to inform the way data is handled.
Data privacy and security are important in the hospitality industry as a lot of information on guests is collected and stored. This can be used to inform business decisions but should also be protected to avoid data breaches. A secure system and one that is transparent on its use of customers’ data will most likely receive positive online reviews, which can translate to increased user traffic and eventually into increased revenue.
Over time, as more people embrace the use of technology in accessing services in the comfort of their homes, service providers such as players in the hospitality sector should strive and firm up data protection initiatives in order to establish and uphold their customers’ trust.
General manager, Lake Elementaita Mountain Lodge
