How Restaurants Can Protect Their Data

Data protection.jpeg

As technology has advanced - which is a huge win for restaurants and hotels - the risk of attacks has also unfortunately increased. 

Let's be real: As a hospitality business professional, you know a lot about things like labor costs, operations, customer service, and managing teams - but tech and data security is probably not one of your strong suits.

Unfortunately, this makes you extra susceptible to cyber attacks. Hackers are looking for vulnerable people and easy access. 

No one wants to deal with a potential threat - but it’s better to be prepared than risk eroding trust amongst your employees and customers. Even if you haven’t been the victim of a cyber attack or theft, your patrons may choose not to do business with you if they feel that you’re not taking appropriate steps to ensure their information is secure. 

So - how high are the stakes? After a data breach, not only could jobs be at risk, but you’ll pay in high legal costs, lost sales, and eroded customer trust. The worst-case scenario is that you'd go out of business altogether, which is the unfortunate reality of many establishments that experience a data breach.

And it's only getting worse: According to the Identity Theft Resource Center, 2017 outpaced every previous year in terms of number of breaches reported: 1,579. That's a staggering loss of 78 million consumer records.

Here are a few simple ways you can protect your business and your customers: 

1 - Payment Card Industry Compliance. Becoming PCI compliant is the first step you should take to becoming more secure and less susceptible to cyber-attacks. So, how does one become PCI compliant? It is obtained by following a set of standards to ensure that all companies accept, process, store, or transmit CC info maintain a secure environment. In other words, being PCI compliant gives your business an extra level of above-and-beyond security wherever possible so your customers can feel safe with every swipe of their card. 

2 - Invest in a Modern POS. Modern point-of-sale systems allow for immediate encryption for credit card information upon swiping, so everything is transferred securely. This gives you more control over the protection of your customer’s data from the very first point of contact. Since the sensitive information (their payment) is encrypted, hackers can’t install malware - software that is intended to damage or disable computers and computer systems - on your company’s network. Since hackers look for a trail to follow in order to steal information, they won’t find any - so there’s nothing for them to access. 

3 - Keep It In the Cloud. Speaking of modern POS systems, they also offer another benefit, which is that they are far more secure than legacy systems. What does it mean to be stored in the cloud? Simply put, all data is stored off-site - meaning customer credit card data is instantly, securely transferred to the next step in your payment process. On top of that, modern POS systems are just easier to use and offer more convenient features than legacy systems. If you haven’t upgraded, this is an easy win for your business (did you know Harri integrates directly with most major POS companies, like Toast?). Still need convincing? Legacy systems work by storing information on-site - i.e. the back office of your restaurant. Yikes! This makes thousands of customers’ data especially vulnerable to theft. You wouldn’t just leave a pile of money on your desk, would you? Make sure your customers’ data doesn’t end up in the wrong hands, and upgrade to a modern POS. 

4 - Stay One Step Ahead of Hackers. Always strive to stay one step ahead of people who may want access to your data for the wrong reasons. No, we’re not suggesting you become an information technology guru overnight - let someone else do the work for you! By upgrading to a modern POS, you’ll typically receive technical support and regularly-scheduled software upgrades. One of the main responsibilities of a software engineer on one of these teams is to anticipate issues and recognize weak areas that have the potential to cause security breaches. Then, they resolve the issue via regular software updates. 

5 - Keep Your Passwords Protected. This almost goes without saying, but in your back office, do not let everyone use the same username and password, and restrict who is allowed access to it. Also - make sure these passwords are updated at least every 6 months (this is a great tip for your personal passwords, too!) 

6 - Don't Allow Remote Desktop Connections. Occasionally a situation may arise where an employee requests a remote desktop connection. Think hard before you allow them to do this, as it can allow firewall breaches. If you’re not sure where your weak spots are in your firewall, consult an expert to patch them and make recommendations on how often the firewall should be reevaluated. 

In this day and age, no industry is safe from cyber-attacks, so it’s important to keep your business protected. Don’t let your business be an easy target! Start today! Don’t let your business be an easy target!