Eviivo Security

Introduction

For property managers in the US hospitality industry, your eviivo account represents far more than just a login credential—it's the gateway to your business operations, guest data, financial information, and reputation management. As cyber threats continue to evolve and target the hospitality sector specifically, securing your eviivo account has never been more critical.

In this comprehensive guide, we'll explore essential security measures that every property manager should implement to protect their eviivo account from unauthorized access and potential data breaches. These best practices balance robust security with practical usability, ensuring your property management system remains both secure and efficient.

The Stakes: Why Eviivo Account Security Matters

Before diving into specific security measures, it's important to understand what's at risk if your eviivo account is compromised:

  • Sensitive Guest Information: Your account contains personally identifiable information (PII) about your guests, including names, addresses, contact details, and potentially payment information.
  • Financial Data: Access to your payment processing settings, bank account details, and transaction history could lead to financial losses.
  • Operational Disruption: Unauthorized changes to your property's availability, pricing, or policies could result in significant business disruption and revenue loss.
  • Reputation Damage: Security breaches involving guest data can severely damage your property's reputation and trust with customers.
  • Regulatory Compliance: In the US, various state and federal regulations (including data privacy laws) require businesses to protect customer information, with potential legal consequences for security failures.

1. Create and Manage Strong Passwords

Your password is the first line of defense for your eviivo account. Implementing strong password practices is fundamental to account security.

Key Password Strategies:

  • Length and Complexity: Create passwords that are at least 12-16 characters long, combining uppercase letters, lowercase letters, numbers, and special characters.
  • Avoid Predictable Information: Never use passwords containing your property name, address, phone number, or other easily guessable information.
  • Unique Passwords: Use a different password for your eviivo account than you use for other online services. If one account is compromised, others remain secure.
  • Regular Updates: Change your password every 3-6 months, and immediately after any staff changes or suspected security incidents.
  • Password Managers: Consider using a reputable password manager like LastPass, 1Password, or Bitwarden to generate, store, and auto-fill strong, unique passwords.

Remember that a strong password doesn't need to be difficult to remember. Consider using a passphrase—a string of random words with numbers and symbols interspersed—which can be both secure and memorable.

2. Implement Two-Factor Authentication (2FA)

Two-factor authentication adds a crucial second layer of security by requiring something you know (your password) and something you have (typically your mobile device) to access your account.

Setting Up and Using 2FA:

  • Enable 2FA in Settings: If eviivo offers 2FA (which most modern property management systems do), enable it in your account security settings.
  • Choose Your Method: Typical 2FA options include:
    • SMS text messages (convenient but less secure)
    • Authentication apps like Google Authenticator or Authy (more secure)
    • Email verification codes
    • Hardware security keys (highest security)
  • Set Up Backup Methods: Configure multiple 2FA recovery options to ensure you don't lose access if your primary device is unavailable.
  • Save Recovery Codes: If provided, store 2FA recovery codes in a secure, offline location.

For US property managers with multiple staff members accessing the eviivo system, implementing 2FA across all user accounts is particularly important, as it significantly reduces the risk from password-based attacks.

3. Manage Staff Access Securely

Many properties have multiple staff members who need access to the eviivo system. Implementing proper access controls is essential for maintaining security while enabling operational efficiency.

Staff Access Best Practices:

  • Individual Accounts: Create separate accounts for each staff member rather than sharing login credentials. This provides accountability and limits exposure if one person's credentials are compromised.
  • Role-Based Permissions: Assign access rights based on job responsibilities. Front desk staff may need booking capabilities but not financial reporting access, for example.
  • Regular Access Reviews: Periodically review who has access to your eviivo system and what level of permissions they have.
  • Prompt Deprovisioning: Immediately revoke access when staff members leave your organization or change roles.
  • Access Logs: Regularly review account activity logs to identify any unusual or unauthorized access attempts.

4. Secure Your Devices and Networks

Even the strongest account credentials can be compromised if the devices or networks you use to access eviivo are insecure.

Device and Network Security:

  • Keep Systems Updated: Ensure all devices used to access eviivo have the latest operating system updates and security patches.
  • Use Antivirus/Anti-malware: Install and maintain reputable security software on all devices.
  • Secure Your Wi-Fi: Use WPA3 encryption for your property's Wi-Fi network, with a strong, unique password. Consider creating a separate network for guests that's isolated from your management systems.
  • Avoid Public Wi-Fi: Never access your eviivo account on public Wi-Fi networks unless using a secure VPN (Virtual Private Network).
  • Screen Lock: Enable automatic screen locks on all devices after short periods of inactivity.
  • Physical Security: Ensure computers used for property management are in secure locations, not accessible to guests or unauthorized staff.

5. Recognize and Avoid Phishing Attempts

Phishing remains one of the most common ways accounts are compromised. These deceptive attacks trick users into revealing their login credentials or other sensitive information.

Phishing Prevention:

  • Verify Email Sources: Check sender email addresses carefully. Legitimate eviivo communications will come from official eviivo.com domains.
  • Be Wary of Urgent Requests: Treat with suspicion any email claiming your account will be suspended or requires immediate action.
  • Check Links Before Clicking: Hover over links to see the actual URL destination before clicking. When in doubt, manually navigate to the eviivo website instead of clicking email links.
  • Verify by Phone: If you receive a suspicious email claiming to be from eviivo support, contact them directly through official channels to verify.
  • Staff Training: Ensure all team members who access eviivo understand how to identify phishing attempts.

Remember that eviivo will never ask for your password via email, and legitimate password reset links should only be ones you specifically requested.

6. Regularly Monitor Account Activity

Proactive monitoring helps you detect and respond to suspicious activity before significant damage occurs.

Monitoring Strategies:

  • Review Login History: Periodically check your account's login history for access from unfamiliar devices or locations.
  • Check for Unusual Changes: Monitor for unexpected modifications to your property settings, rates, or policies.
  • Enable Notifications: If available, set up alerts for significant account actions like password changes, new user creation, or unusual login attempts.
  • Regular Financial Reconciliation: Frequently reconcile your eviivo financial reports with your bank statements to catch any discrepancies.

7. Create and Test a Security Incident Response Plan

Despite best precautions, security incidents can still occur. Having a plan in place helps minimize damage and recovery time.

Key Components of Your Response Plan:

  • Contact Information: Maintain an updated list of contacts including eviivo support, your IT support provider, and relevant staff members.
  • Step-by-Step Procedures: Document the exact steps to take if you suspect your account has been compromised, including:
    • Changing passwords immediately
    • Contacting eviivo support
    • Reviewing recent account changes
    • Checking for unauthorized bookings or modifications
  • Communication Templates: Prepare draft communications for guests, staff, and relevant authorities in case of a data breach.
  • Regular Testing: Periodically review and practice your response plan to ensure all staff know their responsibilities.

8. Stay Informed About Security Updates

The security landscape evolves constantly, with new threats and protective measures emerging regularly.

Staying Current:

  • Follow Eviivo Updates: Read all security-related communications from eviivo and implement recommended security enhancements promptly.
  • Industry Resources: Follow hospitality industry security resources like the American Hotel & Lodging Association's information security guidelines.
  • General Cybersecurity News: Stay informed about major security threats that could affect your business through resources like the US-CERT (United States Computer Emergency Readiness Team) alerts.

Practical Implementation for US Property Managers

Implementing comprehensive security can feel overwhelming, especially for smaller properties with limited resources. Here's a practical approach for US-based property managers:

1. Start with the Fundamentals

Begin with the highest-impact, lowest-effort security improvements:

  • Update to a strong, unique password
  • Enable two-factor authentication
  • Ensure your computer has current antivirus protection and updates

2. Create a 90-Day Security Improvement Plan

Spread additional security enhancements over a reasonable timeframe:

  • Month 1: Audit and update staff access rights; implement individual accounts
  • Month 2: Develop and document your security incident response plan
  • Month 3: Conduct staff security awareness training; implement network security improvements

3. Establish Regular Security Maintenance

Create a schedule for ongoing security activities:

  • Monthly: Review access logs; check for system updates
  • Quarterly: Change passwords; review staff access permissions
  • Annually: Conduct a comprehensive security review; update your response plan

Conclusion

For US property managers, securing your eviivo account is an essential business practice, not an optional extra. By implementing these security measures, you protect not only your operational capabilities but also your guests' data, your financial assets, and your property's reputation.

Security is never a "set it and forget it" task—it requires ongoing vigilance and adaptation. However, by establishing strong fundamentals and maintaining consistent security practices, you can significantly reduce your risk exposure while continuing to leverage the powerful capabilities of the eviivo platform for your property management needs.

Remember that in the US hospitality market, demonstrating strong security practices is increasingly becoming a competitive advantage, as guests and business partners alike seek assurance that their information will be handled responsibly.

Have specific questions about implementing these security measures for your eviivo account? Contact our team for personalized guidance tailored to your property's unique needs.

Back to Blog