During the recent RSA Conference 2013—dealing with matters related to encryption of information—Lieberman Software surveyed 250 IT security professionals attending the conference on a variety of data security issues.  The 2013 Information Security Survey report shows that:

·         81.4% of IT security staff believe that other company employees tend to ignore the rules that IT departments put in place.

·         75.8% of IT personnel think that employees in their organization have access to information that they don’t necessarily need to perform their jobs.

·         38.3% of IT security personnel have witnessed a colleague access company information that he or she should not have access to.

·         54.7% of those respondents did not report their colleagues who accessed that information.

If these statistics are even partially correct, then most companies are not adequately protecting the data that they store in their computer systems.  This should be of particular concern to companies in the hospitality industry, where the data involved often includes guests’ personally identifiable information.

 All hotels should evaluate their own PCI compliance program in response to these findings.  PCI compliant policies must be implemented through PCI training of employees and managers.  Among the most effective PCI training programs for hotels are those that include custom learning solutions, such as PCI compliance training modules and similar training on best practices for using hospitality technology.

Venza Group:Since 2008, the Venza Group® partners with the hospitality industry as its premier provider of custom learning solutions. Through PEAK™, the Venza Group also offers off-the-shelf courses on compliance and workforce effectiveness … especially crafted for hoteliers.

Link:  http://www.liebsoft.com/2013_information_security_survey/