Lock and Keypad: Cybersecurity in the Restaurant Industry
“...And there were no survivors.”
Not really, but it’s good to be cautious. Although the restaurant industry doesn’t ask consumers to hand over their social security cards or their darkest secrets (even though some more intoxicated customers might), card information, phone numbers, and email addresses are exchanged pretty frequently. It’s not a good reputation to have had your customers data stolen directly from your computer systems. In April of 2011, 50 Manhattan restaurants’ guest identities were stolen from restaurants like Morton’s, The Capital Grill, Smith & Wollensky, and the Bicycle Club. In short, taking time to protect your business from fraudulent behavior is a must. Our Scientists are always on top of how to protect you and your patron’s data, and have researched some things that we can do to help better defend against random hacks.
PCI Compliance
PCI Compliance is defined as “Payment card industry (PCI) compliance is mandated by credit card companies to help ensure the security of credit card transactions in the payments industry”(for more information, click here). For instance, don’t write your customers credit card info down on a piece of paper and throw it in a drawer. That’s a pretty expensive way to lose credibility.
Being PCI compliant will save you a headache on top of a headache if you ever have a security breach. Most cloud-based POS systems include this, but you can also scrutinize your third-party vendors to make sure there are no loopholes in any of your services. EMV chip readers are a safer-way to process cards through your POS; EMV readers are directly linked to the financial institution of the card and use a unique cryptogram to ensure transactions are secure.
It is easy to end up paying fines on any stolen consumer information if any of the security requirements on your end aren’t met. Being PCI Compliant will save you from bearing the brunt of responsibility, and leave your finances alone.
Password Security and Managements
Having a centralized password management system (Lastpass, Zoho Vault) can help utilize more cryptic passwords, as well as allowing easier tracing in case something does go wrong. Science on Call values setting up our customers software services with strong passwords and two-factor authentication (2FA). These processes may seem tedious, but having both a secure password and 2FA will maximize your capability to protect your business.
Not to mention, having one password for everything can bring all tech crashing down if someone unauthorized gets a hold of it. We’ve heard too many horror stories like this where someone gained access to every business-related account because of an omnipotent password. Best practice is to have unique, random passwords for each account. Nothing predictable like your cat’s name or “123456”, and not stored in an Excel file or Google Doc - that’s like leaving keys in your front door.
Employee Logins
It’s in the businesses and customers best interest to have each of your employees have unique logins to the POS System. Having unique ID’s for your staff allows tracking patterns for any potential thefts. Square, Upserve, and Toast are just a few systems that offer advanced employee management.
Not only do unique logins prevent anonymous and sketchy behavior, but turnover with your employees will be much more streamlined and simple. As previously mentioned, having the ability to track information like employee IDs and passwords from a secure location enables seamless accountability and transitioning.
IT Management
Among all other things, investing in an IT service for your restaurant is the easiest way to ensure that your business is protected at all times. Not only can Science run tests on your POS, online ordering, and computer to make sure that you are fully up-to-date, we can also come onsite to test the full scope of your restaurant's cybersecurity. Cyber Pop-Up also offers on-demand cybersecurity assessments, as well.