Restaurants & Cybersecurity?

Do Restaurants Need to Worry about Cybersecurity?

It is the year 2015, and criminals have become smarter and smarter. Sure there are still the brazen few who don a ski mask to hold a stick up for some quick cash, but the criminals who are after the big bucks have moved their criminal syndicate from the streets to behind a computer screen. Credit card numbers and other personal information carry a hefty price tag, and these criminals will look anywhere for an easily accessible system to steal from, including restaurants. Multiple studies on cyber-attacks and data breaches found that anywhere from a quarter, to half, of all data breaches occurred in the food and beverage service industry, placing it in the “most targeted” category, along with the retail industry.

Restaurants Prime Candidates for Hackers

What many restaurants don’t realize is that they are prime candidates for a hacker to target since the majority of restaurants accept credit cards. Larger businesses and banks have stiffened up their systems, making it much more difficult for hackers to access, but for the most part, restaurants have older, outdated systems. The sheer number of restaurants around the country puts the odds in the hackers’ favor of being able to find one that has “left the back door open.” The average cost of a data breach in 2015 has risen to $3.8 million, which includes hiring experts to repair the breach, investigators for the case, offering credit monitoring for effected customers, and other expenses.  Following a data breach, a restaurant can expect to lose anywhere from 10-20% of their business, and take at least one full year to recover.

Six Measures to Help Keep Your Restaurant Secure

Maintaining a secure system within your restaurant has become something that every restaurant owner needs to address and constantly monitor. These 6 measures can help your restaurant secure cardholder information, without constricting network data flow throughout your restaurant.

  1. Limit Remote Access-This may be the most important of all, since not limiting remote access allows hackers from anywhere in the world a shot at entering your network. Only allow access to a limited number of trusted employees and vendors, and be sure to create a strong password that should be changed every 3-6 months.
  2. Maintain a Proper Firewall-Firewall systems should be installed by a systems professional who can ensure that your firewall is hardened, as well as supported by anti-virus software to protect it from any attempts at infection to disable the wall by hackers.
  3. Conduct Regular Scans-Shop around for a security vendor that will be able to perform a remote system scan on a regular basis to seek out vulnerabilities in your restaurant’s systems. Not only will they be able to scan your internal systems, but they can also scan external devices, such as credit card readers, to see if they have been compromised.
  4. Segment the Network-It’s becoming more and more common to see restaurant’s offer free Wi-Fi to patrons, but be sure to have a completely separate network to run your Point of Sales system on, as well as another network for security cameras, and additional networks for other systems you may run. The idea here is to create as many layers between your confidential information and the hackers who may be trying to get in.
  5. Encrypt Credit Card Data-Older Point of Sales systems and card readers send the raw credit card number to a back-end server, where it is then ran and charged. These older systems are easily compromised due to lack of encryption that new Point of Sales systems utilize. These new systems don’t store any data, thus rendering them useless to hackers.
  6. Check for Software Updates-Sure it may be annoying to do, but manufacturers and software companies frequently update their systems when a vulnerability has been identified. Point of Sales companies have entire departments constantly searching for weaknesses, so when they have an update, be sure to be up to date on it, or you could be a hacker’s next target.

All in all, cybersecurity is something restaurant owners need to be aware of in order to proactively protect their business. Contact RPA today to learn about other ways you should be protecting your restaurant!