As hoteliers, we’re constantly focused on creating a warm, welcoming atmosphere that invites guests into our business. But because we’re often so busy with that, we may not always think about who we need to keep out. 

The unfortunate reality is that hackers are becoming more creative in finding ways to access sensitive systems. This doesn’t just put your data at risk – in hospitality, it also threatens your guests and your business. 

The good news? A few smart security practices can keep your digital doors securely locked, ensuring only the right people have access. Keep reading for seven straightforward ways to keep your hospitality accounts safe. 

Table of contents

How to keep your hospitality accounts secure

The key to security is being proactive – don't wait until you have a potential breach to act. If you follow the advice in these seven tips, you'll go a long way to keeping your hospitality accounts secure.

1. Watch out for phishing campaigns 

Phishing is an attempt to steal sensitive information – typically login credentials, credit card details or back account information.  

Hackers are constantly looking for new ways to exploit either a system or a process to gain access to this information, be it through emails or fake advertisements. One example is the creation of fake login pages that look just like the real thing. If your staff accidentally enters their information on one of these pages, hackers can gain access to your accounts. 

Here’s how to avoid this: 

  • Don’t use search engines to find login pages: always type the URL directly into your browser. 
  • Check the URL: make sure the web address is correct before you enter your login details. 
  • Report anything suspicious: if you see a fake login page, let your IT team or Mews know right away. 

Staying alert can help you avoid falling for these common phishing tricks. In the case of the Mews login page, be sure to use and bookmark the exact Mews login URL: https://app.mews.com. Read more about this phishing scam in this Mews Community article.  

2. Use strong, unique passwords 

Your password is your first line of defense, but reusing passwords or sharing them within your team can leave your accounts vulnerable. Imagine if someone gains access to your email account and you’re using the same password for Mews – suddenly, it’s not hard for them to get into your system. 

To keep things secure, follow these tips: 

  • Make it unique: don’t reuse passwords across different accounts. Each one should be distinct. 
  • Don’t share passwords: even within your team, sharing passwords can lead to unintended risks. 
  • Use a mix of characters: combine upper- and lower-case letters, numbers, and symbols to strengthen your passwords. 

By creating strong, unique passwords and keeping them to yourself, you make it much harder for anyone to gain unauthorized access to your accounts. Want to know how to keep track of all these passwords? We’ll cover that in the next tip. 

3. Use a password manager 

On that same note, a password manager can help you create and store strong, unique passwords for all your accounts. It’s a simple tool that takes the guesswork out of password security. 

Why use a password manager? 

  • Stronger passwords: password managers can generate complex passwords for you. 
  • No more forgotten passwords: you only need to remember one master password. 
  • Better security: your passwords are stored securely, protecting them from hackers. 

Using a password manager makes it easier to maintain strong, secure passwords across all your accounts. 

4. Turn on two-factor authentication (2FA) 

Two-Factor Authentication (2FA) adds an extra step when you log in, making it harder for someone to break into your account. After you enter your password, you’ll be asked for a code that’s sent to your phone or another device. 

Here’s why 2FA is a good idea: 

  • Extra protection: even if someone has your password, they can’t log in without the code. 
  • Helps prevent phishing: if you accidentally give away your password, 2FA can still protect against hackers. 
  • Peace of mind: you can relax knowing your account has an extra layer of security. 

Mews strongly encourages using 2FA to help keep your accounts secure. Haven’t enforced it for your Mews account(s) yet? You can do so here.  

5. Keep an eye on new logins 

Have you ever been notified when a new device logs into your streaming service account (like Netflix)? That’s new device detection in action. If your hospitality account offers this feature, be sure to enable new device detection. 

Here’s how it works: 

  • Get alerts: You’ll be notified when someone logs in from a new device. 
  • Control access: You can approve or deny the login, keeping unauthorized users out. 

Mews will soon offer new device detection to help you keep tabs on who’s accessing your accounts and add an extra layer of security. Find out how to enforce it here.  

6. Train your team 

Your staff plays a big role in keeping your accounts secure. In the hospitality industry, where staff turnover is common, training is key. Make sure everyone knows the basics of cybersecurity and understands how to spot potential threats. 

Why this matters: 

  • Recognize threats: Teach your team how to identify phishing emails and suspicious activity. 
  • Reduce mistakes: Regular training helps prevent errors that could lead to security breaches. 
  • Stay informed: Keep your team updated on the latest security practices. 

At Mews, we believe that a well-trained team is one of the best defenses against cyber threats. Learn more about the strategies to combat sophisticated phishing attacks with our CEO Matthjis Welle on Mews University.  

7. Use Single Sign-On (SSO) 

Single Sign-On (SSO) lets your staff log in once and access everything they need without having to remember multiple passwords. It simplifies the login process while keeping everything secure. 

Benefits of SSO: 

  • Less hassle: Your team only needs to remember one password. 
  • More control: IT can manage access more easily and enforce security policies. 
  • Fewer risks: Fewer passwords mean less chance of them being forgotten or reused. 

Mews recommends SSO for properties looking to make access easier while keeping accounts secure. Learn more about how to set up SSO for your property here.  

Make security simple 

Keeping your hospitality accounts secure doesn’t have to be complicated. By following these simple steps, you can protect your business and your guests from potential threats. 

At Mews, we’re here to help you keep your accounts safe. If you have any questions or need more information, don’t hesitate to reach out. We’re always ready to help you secure your property.