Developing a Strategic Security Policy for Hyatt Regency Sydney
Added on  2023/04/03
AI Summary
This study focuses on developing a strategic security policy for Hyatt Regency Sydney and identifying potential vulnerabilities and threats. It discusses the importance of network security, Wi-Fi threats, spear-phishing and backdoor attacks, man-in-the-middle attacks, and ARP spoofing. Recommendations for mitigating these threats are provided.
Running head: INFORMATION SECURITY INFORMATION SECURITY Name of the Student Name of the Organization Author Note
Executive Summary

This study researches, formulates, develops and documents a strategic security policy for the hotel Hyatt Regency Sydney, based on the nature of the organization and its stakeholders. Once the security policy has been documented, the potential vulnerabilities and threats are identified and assessed, and the ways in which those vulnerabilities and threats can be mitigated are discussed.
Table of Contents
Introduction
Body
    Security policy
    Wi-Fi threats of the hotel
    Spear-phishing and attacks of backdoor
    Attacks of the man-in-the-middle
    Spoofing of Address Resolution Protocol
References
Introduction

The main aim of the study is to develop a strategic security policy for the hotel Hyatt Regency Sydney and to identify its potential threats and vulnerabilities. Hyatt Regency is considered to be one of the largest hotels in Australia, comprising a total of 892 rooms. It was built in 1991 as Hotel Nikko Sydney and became Hyatt Regency Sydney in 2016, following the addition of a new tower comprising about 250 extra rooms. The main stakeholders of the hotel are its staff, the manager and the owner. It is a commercial establishment that provides lodging, meals and other services to guests.

Body

Security policy

The following security policy sets out the measures needed to prevent and mitigate attacks on the hotel’s network and on its guests. The hotel’s IT team must take these considerations into account, and guests will also be encouraged to take certain measures to minimize the chance of information theft. The hotel’s networks, and the guests who connect to them, can become an easy target for attackers, so the management team must display caution signs at the front desk and in the rooms reminding guests of the following points:

1. Do not enter sensitive information, such as social security numbers, into the login page.
2. Check with the front desk for any announcement regarding software updates (Abaya et al. 2014).
3. Do not allow sites to remember passwords, and always log out of sensitive accounts.
4. Clear the browsing history and temporary internet files once work is finished.
5. Do not leave a computer unattended in the hotel’s public areas.
• Data encryption must be configured on all servers and networks so that sensitive information entered through the hotel’s forms on its internet login page is transmitted encrypted.
• Threat intelligence feeds must be implemented, including a data breach notification system (Safa et al. 2015). The feeds should be integrated and updated frequently, and converted into XML format for analysis. The resulting reports must be analysed by the IT team, management and the partners who provide cyber security solutions, so that malicious actors are stopped from targeting guests again in the near future.
• A VPN service should be used, as it is considered the best way of blocking attacks whenever a device is connected to the hotel Wi-Fi. VPNs encrypt digital communications and prevent sensitive data from being intercepted by adversaries, which makes them a vital part of maintaining privacy when going online from hotel rooms.
• HTTPS is necessary because it helps secure the browser. Extensions such as HTTPS Everywhere should be used to force the browser to use a secure connection; such extensions also help activate encryption for all websites.
• A password-protected VLAN should be used wherever possible, as logging in to a virtual local area network is safer than using any Wi-Fi and provides security against unauthorised activity.
• The firewall, which is present in most operating systems and antivirus programs, is to be activated. It blocks unauthorised access to PCs and so protects against malware attacks and hacking.
• Everything must be updated before checking in. However busy they are, guests must not forget to update the security of the OS and the applications on their smartphone, laptop or tablet before checking into the hotel.

When booking a hotel room, it is assumed that the hotel is responsible for keeping customers and their belongings safe by not sharing room keys or other details (Wendy Zhu and Morosan 2014). A much greater threat may be lurking within any room, however: the Wi-Fi connection. While high-speed wireless internet is a welcome amenity for guests who want to communicate and conduct business with limited disruption on the go, it also exposes the hotel to a large number of cyber threats. The hotel’s Wi-Fi network suffers from a number of security weaknesses, many of which are similar to those of public Wi-Fi networks. Such networks increase the susceptibility of hotel guests to man-in-the-middle and other attacks that compromise their personal information. The IC3 and the FBI have often reported that instances of malware and other attacks on smart devices connected to the hotel are on the rise.

Wi-Fi threats of the hotel

As the hotel Hyatt Regency Sydney has become dependent on wireless communications, the number of security vulnerabilities arising from that adoption has continued to rise at a high rate. Wi-Fi can open the door for cyber attackers and cyber criminals to enter. The Wi-Fi connection within the hotel has allowed unauthorised entry by attackers and every imaginable security nightmare. Even though a router may provide advanced security features, this does not translate into protection of the personal information of the hotel and its guests.
Spear-phishing and attacks of backdoor

An attacker who wants to conduct the attack may wait for guests to check in and connect to the Wi-Fi network by submitting their room number and surname to log in (Chan and Lam 2013). The attacker uses the compromised hotel network to send bogus software update messages that trick guests into downloading a backdoor disguised as an update to legitimate software. Guests who download the update infect their machine with the backdoor, which may then be used to download further software such as advanced information-stealing key loggers and Trojans.

Attacks of the man-in-the-middle

In this attack, the attacker places malicious code between the victim and a valuable resource, such as the login page presented by the hotel. The most sophisticated type of MITM attack may be conducted through the browser (Huang et al. 2016). In that case, malware silently records the data transferred between the user’s browser and the hotel’s login page, which may be hard-coded into the malware. Such attacks do not require the attacker to be in close proximity to the victims and can be used to target a large group of victims with little effort. Attackers may also use packet sniffers to intercept information.

Spoofing of Address Resolution Protocol

ARP spoofing (Address Resolution Protocol spoofing), or flooding, is a technique that can be used to attack the hotel’s networks (Kim, Lee and Ham 2013). It allows attackers to sniff traffic on the hotel network and then modify the data being exchanged. Cyber criminals may send fake ARP messages to a local area network in order to associate the attacker’s MAC address with a victim’s IP address.
As a result, any data meant for the victim’s IP address is sent to the attacker instead (Leung and Law 2013). The attacker may also launch denial of service (DoS) attacks against victims by linking a non-existent MAC address to the victim’s IP address.

All of the problems mentioned above can be solved if the security measures indicated in the policy are properly followed. The caution signs will help remind guests of the do’s and don’ts while entering the hotel, so that there is little chance of sensitive information being stolen. By configuring all servers and networks with data encryption, customers’ personal information during the sign-up process will be protected by Secure Sockets Layer technology, ensuring safe transmission of data. The hotel is recommended to implement threat intelligence feeds that include a notification system for any data breach. Such systems provide notifications and real-time reports indicating that hotel guests have been targeted or may be targeted in the near future (Wang et al. 2015). A VPN service is equally beneficial, as it encrypts digital communications and protects sensitive data from being intercepted by adversaries. HTTPS, in turn, helps make the browser secure. VLANs are to be used wherever possible, as they are strongly protected by password. The firewall must be activated, as it blocks unauthorised access to any system within the hotel.
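As an added example (not part of the original study), the following Python code shows how the behaviour described under "Spoofing of Address Resolution Protocol" can be detected from observed ARP replies: an IP address re-announced with a different MAC, one MAC answering for several IPs, and an IP linked to a MAC the network has never seen. The sample replies, all addresses, and the names detect_arp_anomalies, TRUSTED_BINDINGS and KNOWN_MACS are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: (timestamp, sender IP, sender MAC) as read from ARP
# replies on a guest network. Every address here is made up for illustration.
SAMPLE_REPLIES = [
    (1, "10.0.0.1", "aa:aa:aa:00:00:01"),   # gateway announces itself
    (2, "10.0.0.23", "bb:bb:bb:00:00:23"),  # guest laptop
    (3, "10.0.0.1", "cc:cc:cc:00:00:66"),   # gateway IP claimed by another MAC
    (4, "10.0.0.23", "cc:cc:cc:00:00:66"),  # same MAC now claims the guest's IP
    (5, "10.0.0.40", "dd:dd:dd:00:00:40"),  # second guest
    (6, "10.0.0.40", "ee:ee:ee:00:00:99"),  # guest IP tied to a MAC nobody owns
]
# Assumption: the gateway binding is pinned by the administrator.
TRUSTED_BINDINGS = {"10.0.0.1": "aa:aa:aa:00:00:01"}
# Assumption: MACs the network has actually seen join (e.g. from DHCP leases).
KNOWN_MACS = {
    "aa:aa:aa:00:00:01", "bb:bb:bb:00:00:23",
    "cc:cc:cc:00:00:66", "dd:dd:dd:00:00:40",
}


def detect_arp_anomalies(replies, trusted_bindings, known_macs):
    """Return alerts as (timestamp, kind, ip, mac) tuples, in time order."""
    bindings = dict(trusted_bindings)   # ip -> pinned MAC, else first MAC seen
    claimed = defaultdict(set)          # mac -> IPs it has claimed so far
    alerts = []
    for ts, ip, mac in sorted(replies):
        mac = mac.lower()
        # DoS case from the text: victim IP linked to a non-existent MAC.
        if mac not in known_macs:
            alerts.append((ts, "unknown-mac", ip, mac))
        # Spoofing case: an IP that already has an owner is re-announced.
        owner = bindings.setdefault(ip, mac)
        if owner != mac:
            alerts.append((ts, "binding-changed", ip, mac))
        # One MAC answering for several IPs is worth reviewing for interception.
        claimed[mac].add(ip)
        if len(claimed[mac]) > 1:
            alerts.append((ts, "mac-claims-multiple-ips", ip, mac))
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_anomalies(SAMPLE_REPLIES, TRUSTED_BINDINGS, KNOWN_MACS):
        print(alert)
```

The first binding seen for an IP is kept, so a conflicting reply keeps raising an alert until an administrator confirms which binding is correct.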
References

Abaya, W.F., Basa, J., Sy, M., Abad, A.C. and Dadios, E.P., 2014, November. Low cost smart security camera with night vision capability using Raspberry Pi and OpenCV. In 2014 International conference on humanoid, nanotechnology, information technology, communication and control, environment and management (HNICEM) (pp. 1-6). IEEE.
Chan, E.S. and Lam, D., 2013. Hotel safety and security systems: Bridging the gap between managers and guests. International Journal of Hospitality Management, 32, pp.202-216.
Huang, X., Craig, P., Lin, H. and Yan, Z., 2016. SecIoT: a security framework for the Internet of Things. Security and communication networks, 9(16), pp.3083-3094.
Kim, H.B., Lee, D.S. and Ham, S., 2013. Impact of hotel information security on system reliability. International Journal of Hospitality Management, 35, pp.369-379.
Leung, R. and Law, R., 2013. Evaluation of hotel information technologies and EDI adoption: The perspective of hotel IT managers in Hong Kong. Cornell Hospitality Quarterly, 54(1), pp.25-37.
Safa, N.S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N.A. and Herawan, T., 2015. Information security conscious care behaviour formation in organizations. Computers & Security, 53, pp.65-78.
Wang, L., Law, R., Guillet, B.D., Hung, K. and Fong, D.K.C., 2015. Impact of hotel website quality on online booking intentions: eTrust as a mediator. International Journal of Hospitality Management, 47, pp.108-115.
Wendy Zhu, W. and Morosan, C., 2014. An empirical examination of guests' adoption of interactive mobile technologies in hotels: Revisiting cognitive absorption, playfulness, and security. Journal of Hospitality and Tourism Technology, 5(1), pp.78-94.