Restaurant owners face a lot of financial challenges, from thin profit margins to negative online reviews. But there’s one big financial threat restaurant owners aren’t thinking about: cyber-security. In 2018, Chili’s, Dunkin’ Donuts, and Panera were among the restaurants hit with data breaches, and recent data shows restaurants and hospitality businesses are the most common target of cyber attacks.
Large restaurant chains can weather the high costs of a data breach, but small businesses don’t have the same luxury. That means prevention must be a top priority. Unfortunately, many restaurateurs don’t appreciate the importance of spending money on cyber-security or think they’re already doing enough to protect customer data. In truth, huge holes exist in the cyber-security practices of most restaurants.
Large restaurant chains can weather the high costs of a data breach, but small businesses don’t have the same luxury. That means prevention must be a top priority. Unfortunately, many restaurateurs don’t appreciate the importance of spending money on cyber-security or think they’re already doing enough to protect customer data. In truth, huge holes exist in the cyber-security practices of most restaurants.
Social Engineering in the Restaurant Industry
When cyber criminals want to target a restaurant, they often start with its employees. With high turnover in the restaurant industry, training employees on data protection best practices might seem like it’s not worth it. The problem is, hackers and fraudsters know that staff is the weakest link, and they exploit that vulnerability with sophisticated social engineering attacks.
Front-of-house restaurant employees should be trained to spot fake credit cards, use EMV chips whenever available, avoid keyed transactions, and never share POS passwords with fellow employees. If you’re still using call-in ordering, now is the time to switch to online ordering. Restaurant owners should also be careful about who they hire: While not the most common way data breaches happen, it’s not unheard of for rogue restaurant employees to use credit card skimmers to steal customer data.
Meanwhile, management and operations staff must understand the importance of never clicking on suspicious links and email attachments, even when they appear to come from a trustworthy source. Establish protocol for accessing your restaurant’s sensitive data, and instruct employees to notify you if requests for passwords, account information, or other data occur outside of that protocol. Social engineering attacks rely on a sense of urgency and fear to compel employees to release confidential information; by setting expectations ahead of time, you help your staff keep a cool head.
Meanwhile, management and operations staff must understand the importance of never clicking on suspicious links and email attachments, even when they appear to come from a trustworthy source. Establish protocol for accessing your restaurant’s sensitive data, and instruct employees to notify you if requests for passwords, account information, or other data occur outside of that protocol. Social engineering attacks rely on a sense of urgency and fear to compel employees to release confidential information; by setting expectations ahead of time, you help your staff keep a cool head.
Cybersecurity Vulnerabilities in POS Systems
There’s one more big vulnerability that restaurant owners need to worry about: their POS system. As Tech Talk explains, POS systems are often poorly-secured, running on outdated operating systems and secured by weak passwords. Unlike an office environment, where slowing systems might tip employees off to a data breach, POS systems are used for brief transactions by a wide range of employees. As a result, breaches go undetected more easily.
Choosing the right POS system protects restaurateurs against data breaches. A quality POS system updates automatically, so you don’t have add software updates to your already-busy schedule, and notifies you of unusual activity on the system.
If you don’t know the last time your POS system was updated or you’re relying on staff to tell you when it’s lagging, it’s time to upgrade your business’s POS system. Take a look at your payment processor while you’re at it: If you’re using a secure POS terminal but your credit card processor is vulnerable, your whole system is at risk. Rather than looking for the cheapest option, search for a credit card terminal with encryption and fraud protection so you don’t have to worry about it.
When you’re running a restaurant on tight margins, it’s hard to justify spending money on a cost center rather than your profit centers. But data security is one investment that is undeniably worth it. With a few smart upgrades and employee training, you can protect your restaurant against a disastrous data breach.
Choosing the right POS system protects restaurateurs against data breaches. A quality POS system updates automatically, so you don’t have add software updates to your already-busy schedule, and notifies you of unusual activity on the system.
If you don’t know the last time your POS system was updated or you’re relying on staff to tell you when it’s lagging, it’s time to upgrade your business’s POS system. Take a look at your payment processor while you’re at it: If you’re using a secure POS terminal but your credit card processor is vulnerable, your whole system is at risk. Rather than looking for the cheapest option, search for a credit card terminal with encryption and fraud protection so you don’t have to worry about it.
When you’re running a restaurant on tight margins, it’s hard to justify spending money on a cost center rather than your profit centers. But data security is one investment that is undeniably worth it. With a few smart upgrades and employee training, you can protect your restaurant against a disastrous data breach.