Cornell Hotel Network Study Highlights Weaknesses in Internet Security

Share Article

Improved Security Need Not Be Costly, According to Hotel Study

By using these VLANs, the hotel has separated each guest's computer in a way that should protect against stolen data. It also gives the hotel greater control over the guest side of the network.

When business travelers log
on to their hotel's internet network to send data back to their home office, they risk the possibility of data theft. A direct analysis of the networks available to guests in 46 hotels, supplemented by a survey of 147 U.S. hotels, found that a substantial majority of the hotels are not using all the possible tools to maintain their network's security. The newly released hotel study, "Hotel Network Security: A Study of Computer Networks in U.S. Hotels" by Josh Ogle, Erica L. Wagner, and Mark P. Talbert, is available at no charge from the center at .

A graduate of the Cornell School of Hotel Administration, Ogle is president of TriVesta LLC. Wagner is an assistant professor, Cornell School of Hotel Administration, where Talbert is a senior lecturer.

Ogle, Wagner, and Talbert explain the architecture of hotel networks, with an eye toward improving security of guests' internet access. Their survey found that about 20 percent of the 147 hotels surveyed still use simple hub-type systems, which are most vulnerable to hacking. In the first-hand analysis, the study tested the networks of 46 hotels, often without actually being guests of the hotel. "I visited all 46 of those hotels," said Ogle. "Even with hotels that required authentication, I found helpful employees who got me past that barrier. So, authentication is not as effective as we think, and then I found that of the 39 hotels that offered Wi-Fi connections, only six used encryption to help protect the system." Ogle will explain more of the technical aspects of this part of the hotel internet network study on the popular Security Now! podcast, with hosts Steve Gibson and Leo Laporte in the near future.

Hotel Guests' Data at Risk, as Study Reveals
"On balance, we were forced to conclude that guests' data transmissions are often at risk when they use a hotel's network," said Wagner. "However, we did find hotels that were paying attention to the security of their guests' data. I should point out that improving security does not have to be costly."

The report concludes with a case study of the W Dallas--Victory hotel, which has taken a security step not used by most hotels. "What the W Dallas has done is to set up each node on its network as a virtual local area network, or VLAN," explained Talbert. "By using these VLANs, the hotel has separated each guest's computer in a way that should protect against stolen data. It also gives the hotel greater control over the guest side of the network."

Thanks to the support of the Center for Hospitality Research partners listed below, all Cornell Hospitality Reports and Tools are made available free of charge from the center's website, .

About The Center for Hospitality Research
A unit of the Cornell School of Hotel Administration, The Center for Hospitality Research (CHR) sponsors research designed to improve practices in the hospitality industry. Under the lead of the center's 73 corporate affiliates, experienced scholars work closely with business executives to discover new insights into strategic, managerial and operating practices. The center also publishes the award-winning hospitality journal, the Cornell Hospitality Quarterly (formerly the Cornell Hotel and Restaurant Administration Quarterly). To learn more about center and its projects, visit .

Center partners and sponsors: AIG Global Real Estate Investment, American Airlines Admirals Club, Davis & Gilbert LLP, Deloitte & Touche USA LLP, Denihan Hospitality Group, Expedia, Inc., Four Seasons Hotels and Resorts, Fox Rothschild LLP,
FX Real Estate and Entertainment, Inc., General Growth Properties, Inc., HVS, InterContinental Hotels Group,, JohnsonDiversey, Inc., Jumeirah Group, LRP Publications, Marriott International, Inc., Marsh's Hospitality Practice, Mobil Travel Guide, Inc., Nestlé, PricewaterhouseCoopers, Proskauer Rose LLP, Smith Travel Research, Southern Wine and Spirits of America, Inc., SynXis (a Sabre Holdings Corporation), Taj Hotels Resorts and Palaces, Thayer Lodging Group, TIG Global, Travelport, WATG, and WhiteSand Consulting.

Center friends: • American Tescor, LLC • Argyle Executive Forum • Caribbean Hotel and Restaurant Buyers Guide • Cody Kramer Imports • Cruise Industry News • DK Shifflet & Associates • • EyeforTravel • Fireman's Fund Insurance Company • Gerencia de Hoteles & Restaurantes • Global Hospitality Resources • Hospitality Financial and Technology Professionals (HFTP) • • • Hospitality Technology Magazine • Hotel Asia Pacific • Hotel China • • Hotel Interactive • Hotel Resource • International CHRIE • International Hotel and Restaurant Association • International Hotel Conference • International Society of Hospitality Consultants (ISHC) • iPerceptions • Lodging Hospitality • Lodging Magazine • Milestone Internet Marketing • MindFolio • Parasol • PKF Hospitality Research • The Resort Trades • RealShare Hotel Investment & Finance Summit • Resort+Recreation Magazine • • Shibata Publishing Co. • Synovate • The Lodging Conference • TravelCLICK • UniFocus • WageWatch, Inc. • WIWIH.COM

# # #

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Visit website