Core Security Best Practices
Strong security starts with the basics. Every property using Visual Matrix should ensure that all staff members follow these best practices every day. These habits create the first line of defense against fraud, phishing, and unauthorized access.
Use Strong, Unique Passwords
Every user must have their own login with a strong password.
Passwords should be unique to Visual Matrix and not reused from other systems.
Avoid simple or predictable passwords (e.g., names, birthdays, or “1234”).
Rotate Passwords Regularly
Change passwords at least every 90 days, or immediately if there’s suspicion of compromise.
Do not delay updates if an employee leaves the property or changes roles.
If you suspect a hack or want to reset every employee’s password, open a support ticket. Visual Matrix can trigger a full reset across all accounts.
Never Share Accounts
Shared or “generic” accounts (such as “Front Desk” or “Shift”) are not permitted.
PCI rules require individual accountability — every employee must use their own login.
Handle Payment Data Properly (PCI)
Do not type or store card data in any free-text or non-payment fields such as Comments, Notes, folio/guest memos, messages, tasks, or other custom fields.
Tokenized payment fields are the only approved location for card entry.
Placing card data in non-payment fields violates PCI requirements and increases the risk of exposure.
If card details are found in a non-payment field, remove/redact them immediately and notify a manager in accordance with your incident procedures.
Only enter credit card numbers or cardholder details in the designated payment fields that tokenize card data.
Stay Alert for Phishing
Be cautious with emails or calls asking for login credentials, refunds, or unusual requests.
Do not click on suspicious links or attachments.
Report suspicious emails to management immediately.
Review Quarterly Security Reminders
Visual Matrix displays a security reminder pop-up once per quarter.
All employees should click through and review it carefully.
Managers should ensure staff do not dismiss these reminders without reading them.
These practices may seem simple, but they are the foundation of security. Weak or shared passwords, dismissed reminders, and phishing mistakes are the most common entry points for attackers. By following these best practices, every user plays a role in protecting the property.
Still need help with this topic?
Ask Yourself:
- Am I using a strong, unique password for my PMS account?
- Have I changed my password within the last 90 days?
- Do I have my own login, or am I still using a shared account?
- Did I read and understand the most recent quarterly security reminder?
- Have I reported any suspicious emails or calls I’ve received?
Support May Ask You:
- Which user account(s) are you asking about (name, role)?
- When was the last time you changed your password?
- Do you see any shared or duplicate logins in your system?
- Did you or your staff see the most recent quarterly security reminder pop-up?
- Can you provide details (time, sender, message) about any suspicious email or call?
Related Article(s)
Related Articles
Visual Matrix Security Overview
Security is at the core of everything we do at Visual Matrix. From protecting guest data to preventing fraud, keeping your PMS secure requires a partnership between our technology safeguards and your property’s daily practices. Every hotel faces the ...Visual Matrix Security Collection
Security is a shared responsibility. Visual Matrix provides the tools and safeguards you need to protect your PMS, but every property must also take active steps to reduce risks from fraud, phishing, and unauthorized access. This collection brings ...FAQ - PMS Safety & Security
Security in the hospitality industry is more than a best practice — it’s a vital guardrail for your guests, your staff, and your property’s operations. At Visual Matrix PMS, we build in robust safeguards to protect your system, but the strongest ...Responding to a Security Incident
Even with strong safeguards in place, incidents can still happen. Quick and decisive action is the best way to minimize damage, protect guest data, and restore secure operations. Use this checklist if you suspect an unauthorized user has accessed ...Best Practices for Managing Credit Card Batches in Visual Matrix PMS
Managing credit card batches effectively is essential for maintaining smooth payment processing, accurate accounting, and timely funding. This guide outlines proven daily practices, staff protocols, and system tools to help you prevent settlement ...