Identity Security for Hospitality
Passwordless Access for Modern Hospitality
As a Gold Level Partner and authorised RSA Security reseller, DTE helps hospitality brands modernise identity and access management – protecting guest data, securing staff systems, and enabling smooth digital operations across hotels, venues, and leisure groups.
Whether you are adopting passwordless or multi-factor authentication (MFA), managing secure access across dispersed sites, or meeting PCI DSS and data protection requirements, we deliver the trusted RSA technology and expert support to keep your business secure and guest-ready.
Why Hospitality Brands Choose DTE and RSA:
✔️ Industry-aware RSA expertise with direct vendor access
✔️ Fast, scalable deployment across multiple locations and user types
✔️ Secure access for staff, suppliers, and digital guest services
✔️ Aligned with compliance, cyber resilience, and digital transformation goals
Protecting Guest Data, Operations, and Brand Reputation
Hotels, resorts, and hospitality providers rely on digital systems to manage bookings, personalise guest experiences, and keep operations running smoothly. But with that digital convenience comes growing cyber risk.
Recent attacks in the industry have led to data breaches, booking disruptions, and damaged reputations – undermining guest trust and impacting revenue.
In a competitive, always-on industry, protecting your systems, customer data, and staff is essential. While no cybersecurity solution can stop every threat, the right defences can reduce risk, speed up recovery, and help ensure your guests enjoy a seamless, secure experience.
The Hospitality Figures
Around 75% of UK hospitality businesses reported at least one cyberattack in 2024
The average cost of a data breach in UK hospitality increased to approximately £3.1 million in 2024
Fines for GDPR non-compliance related to data breaches in the sector averaged around £150,000 per incident
Don’t be the Next High-Profile Attack
Edwardian Hotels – October 2023
Premium Edwardian Hotels in London – including The May Fair and Radisson Blu Edwardian – were struck by a BlackBasta ransomware attack, resulting in stolen bank details and passports. Reports indicate attackers likely gained access via weak or single-factor credentials. Enforcing MFA or passkey-based passwordless authentication, especially for remote logins and guest data systems, could have prevented initial access and lateral movement.
Dalmahoy Hotel & Country Club – 2024
The Hunters ransomware gang claimed to have stolen nearly 1 TB of data from Dalmahoy Hotel near Edinburgh. Though details are scarce, the scale suggests attacker use of stolen credentials or unprotected administrator access. Implementation of strong MFA or device-attached passkeys would disrupt this attack chain by eliminating reliance on passwords alone.
Storm-1865 “ClickFix” – 2023
Microsoft reported that Storm‑1865 is targeting UK hospitality staff via fake Booking.com emails, leading to malware that steals credentials from booking portals. These attacks rely on successful lure of staff into entering passwords. Passwordless login (e.g., FIDO2 passkeys) would render such phishing attempts ineffective – credentials cannot be captured or reused.
Recent Insights
No MFA? You Could Face Fines, UK’s ICO Warns.
Coventry School Breached Three Times: Lack of MFA & Weak Passwords to Blame
Why Retailers Must Act on MFA: Lessons from Recent Cyber Attacks
How to Prevent Cloud Account Takeover
Understanding the Cost of Multi-Factor Authentication and its Impact
Credential Phishing is Evolving Fast – Here’s How to Shut it Down
Need Help Finding the Right Solution?
Submit your details and we’ll be in touch.