Don’t dive into the unknown, put your travel and tourism business in the know this summer

From April - September 2019, the West Midlands region had over 400,000 people visit the region for domestic holidays, bringing a total income of over £179m to the region.


With the UK summer season fast upon us and the easing of lockdown happening over the next few weeks, the Cyber Resilience Centre for the West Midlands is encouraging leisure and travel and tourism businesses to prepare themselves for what is expected to be a record-breaking season for UK holidays.


Businesses, especially in the travel and tourism industry, are finding themselves as busy as ever, which is great news for them - but now is the time to be even more cautious when it comes to keeping your and your customers’ information safe.


Passwords on electronic devices are a crucial component to achieving this and yet a recent survey of UK passwords conducted on behalf of the National Cyber Security Centre (NCSC), demonstrated that they are often made up of things people can easily predict. These include pets’ names (15%), family members’ names (14%), a significant date (13%), or a favourite sports team (6%).


In fact, 6% of the UK admitted using ‘password’ as all or part of their own password – meaning millions of accounts could be easily breached by criminals using trial-and-error techniques of common codes.


As a result, the NCSC Cyber Aware campaign is advising businesses, organisations, and individuals in the area to follow these four password practices.



  • Use a strong and separate password for your email. If a hacker gets into your email, they could reset your other account passwords and access information you have saved about yourself or your business. Your email password should be strong and different to all your other passwords.

  • Create strong passwords using three random words - when you use different passwords for your important accounts, it can be hard to remember them all.

  • Do not use words that can be guessed (like your pet’s name). You can include numbers and symbols if you need to. For example, “RedPantsTree4!”

  • Saving your passwords in your web browser will help you manage them and can protect you against some cybercrime, such as fake websites.

Reusing the same password across different accounts can be dangerous. A cybercriminal might steal one of your passwords, and then use it to try and access other accounts. This means they could quickly break into several of your accounts despite only knowing one password.


Another great tool to use, which helps you keep track of all your passwords is a password manager app. This can be used on a phone, tablet or computer and stores multiple passwords securely.


Other advantages of these tools are that:

  • they can make it easy for you to use long, complex, unique passwords across different sites and services, with no memory burden.

  • they are better than us at spotting fake websites, so they can help prevent you falling for phishing attacks.

  • they can generate new passwords when you need them and automatically paste them into the right places.

  • they can sync your passwords across all your devices, so you’ll have them with you whether you’re on your laptop, phone or tablet.

  • Yet even the password manager app needs securing because if a criminal can gain access to this they will potentially get into all your passwords and associated accounts.

The NCSC strongly recommends that you:

  • Set up two factor authentications on the password manager account. If you have the option, set up more than one type of second factor so you have a backup plan to get into your password manager account.

  • Install updates for your password manager app as soon as you're prompted to update. If you're using your browser, always make sure you are using the latest version and you keep this up to date.

  • Choose a strong password for the password manager account (for example using three random words). You can’t store this in the password manager itself, so you may want to write this one down and store it somewhere safe - away from your device - so you don't forget it.

We hope this will be useful for you but if you have any further questions about password management, or how we can help your business, please get in touch.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.