This morning we saw two headlines that (should) put restaurant technology users on high alert. Pizza Hut announced a hefty data breach compromising an estimated 60,000 customers. Unrelated to Pizza Hut’s breach, a nasty WiFi vulnerability known as KRACK was uncovered that allows attackers to intercept traffic between mobile devices and wireless routers. Anyone that uses WiFi (or offers it to guests in their restaurants) should be aware of KRACK and do everything they can to secure their devices. Similarly, any business owner that utilizes a website or mobile ordering app should be familiar with good security practices.
Data and security breaches are creating more and more headlines as threats become more sophisticated. As a savvy restaurateur, you likely have a lot of technology you use within your business, from credit card processing and POS to your own website or mobile app. It is always a good time to ensure all your systems are safe and secure.
Some security best practices to protect you, your business, and your customers:
Computers, cell phones, and even your POS should get regular updates that include important security patches. While we’re all guilty of postponing those Windows updates that require us to restart, now is a great time to make sure your machine is up to date, especially any device that talks to WiFi.
Change passwords frequently and securely. Most systems, like Windows OS, will require you to change your passwords on regular intervals to proactively defend against security threats. Want an added layer of security? Enable two-factor authentication that requires a pass code to be sent to a mobile phone before any passwords can be reset.
Secure Credit Card Processing
Credit cards are a necessary evil of running your business. In recent years with the release of EMV chip and PIN cards, card companies are doing what they can to prevent fraud, but it’s up to you to make sure you have secure processing hardware and software. Be aware that some fraud liability may fall on your shoulders as a business owner.
Some other tips:
- If you host your own website or online ordering site, make sure it follows HTTPS protocol (as the “S” stands for secure!)
- Make sure any technology vendor you trust your business to releases regular updates with security patches
- Assign a unique ID to each person with computer access.
- Regularly test security systems and processes.
- Maintain a security policy and ensure that all personnel are aware of it.
- Segment payment data from any other network
- Employ modern encryption protocols to transmit cardholder data
- Educate yourself and your staff on current PCI standards
Making security a priority and being smart about your restaurant technology will go a long way in protecting your business and its customers. While there are no guarantees in an ever evolving world of security threats, these best practices are a great starting point to keep threats at bay.