Target Audience: All employees who use hotel workstations, Front Desk employees, General Managers, IT Managers

Training Tip: Ask the audience if they have ever left their computer workstation without logging out or locking the screen? When you returned, was someone else using the workstation?

Main Content: This program is designed to introduce all employees in the hotel who use hotel workstations to the importance of workstation security.

Computer workstations may be located in various areas of your hotel – the front desk, in the business center, the back office, or employee use computer areas. Each individual with access to hotel computer workstations has a responsibility to maintain security of the workstations that you and guests can access. By following simple workstation safety guidelines and being aware of public use computer safety, you can help reduce the risk of guest, employee, or personal information being compromised.

Hotel workstations

Workstations which store employee and guest information should be set to require a timeout after being inactive 15 minutes or less. An easy way to implement a timeout requirement is to set a password protected screen saver. Once the screen saver appears, only the individual who knows the password will be able to get back into the workstation.

An even better practice for all workstation users to abide by is to lock your workstation every time you move away from your computer. By pressing the Windows button and the letter ‘L’ key, or ‘Ctrl’-‘Alt’‘Del’ and selecting ‘Lock Computer’, you can quickly lock your screen and disable anyone else from accessing your workstation.

Don’t forget to log out! If you use a workstation that is used by other individuals throughout the course of the day, log completely out of the workstation at end of your shift. If you do not log out, the next person who uses the workstation will be logged in under your ID and all transactions executed by that person will be stamped with your name.

Other workstations safety tips

You should never leave computers unattended with guest or employee-sensitive information displayed. If you have to leave your workstation and are not finished viewing the information you have retrieved, lock your workstation or close the information and come back to it later. While you have stepped away, other individuals could view your screen and obtain information they should not have.

As a General Manager or IT Manager, you should ensure that system activity is logged and perform reviews of the logs periodically to look for anomalies. For instance, if your back office Accounting staff leave every day at 5:30pm and do not work on the weekends, you should check that nobody in this department has logged on to the system and executed transactions late at night or on weekends or holidays.

Business Center and Kiosk Computers

Within your hotel, there may be several computers that are available for public use. All computers used by guests must be kept completely separate from your hotel operational network and servers.

All computers should be inspected daily for key logging devices. These devices record every keystroke you make and can capture your username and passwords or other personal information. It is important that all hotel employees are made aware of key logging devices and can identify them and report any sightings to management. (Refer to the Key Logger Ten Minute Trainer).

It is also a good idea to post signage near public computers informing users of the different risks associated with using public computers. (Refer to the Public Computer Use Safety card).

Checking for malware and spyware on public computers is a great way to protect the workstation and any data stored on it. Malware is any type of malicious software – a virus, or other tricky software that can reinstall itself even after you think it has been removed. Spyware is a type of software that is installed on a computer typically without the user’s knowledge and transmits information about the user’s computer activities over the Internet. By reporting any instances of suspicious software found, you can help keep hotel workstations working properly.

Another sound practice is to enable automatic workstation re-loading each time an individual logs out of the workstation. By enabling this functionality, the public computers can be scrubbed clean after each user – removing any personal or sensitive information they may have entered.

Another consideration for computer workstations is theft and keeping malicious individuals from accessing them. You should consider implementing room key access for business centers so that only registered guests can access these computers – this will keep unwanted individuals out. Or, if your hotel business center or other areas where you have computer workstations are not located in places that can be secured, placing cameras near these areas is a great way to detect individuals if there is a security breach.