5
Fall 2014 Issue
More than seven out of 10 U.S. dining establishments are single-
unit operations. Like all retail small businesses, restaurant
payment systems can be targets of data security intrusions as
cyber hackers see small businesses as easy opportunities for
criminal activities. There are hundreds of thousands of locations,
and, in the aggregate, millions of payment-card transactions.
Restaurants are increasingly vulnerable as innovative digital
solutions proliferate. Point-of-sale systems, WiFi, wireless
credit card processors and digital menu boards are among the
technologies that connect with restaurant networks through
IP addresses. It is important to remember that businesses are
responsible for protecting their guest’s credit card data from
cyber criminals just as they are responsible for keeping robbers
out of their establishments. In the area of data security risk
mitigation, restaurateurs have guidelines to assist them in the
form of payment-card industry data-security standards.
Six measures you can take to help secure cardholder information:
1. Maintain a strong firewall. The PCI data security standards prescribe
firewalls for compliance. Make sure your firewall is hardened and is
supported by virus protection software.
2. Conduct regular scans of your network. The best way to determine if
your systems have been compromised is to scan them regularly for
vulnerabilities. For relatively low annual fees, a security vendor will remotely
scan all of your external systems access points to determine if any are
vulnerable to intrusion. This service is analogous to having a regular pest
control inspection to identify infestations. Use a reputable, professional
company to conduct these electronic scans regularly.
3. Limit remote access. Many restaurants leave their firewalls open to outside
entry by mangers working remotely or vendors who routinely perform
maintenance on systems. Be sure to create strong passwords instead of
using the default codes, and change them often. Similarly, always change
default firewall settings to allow only essential access, and limit remote
access to secure methods such as VPN.
4. Ensure all credit card data is encrypted. If you have older POS equipment
that sends raw credit card data to a back-office server, it may be time to
upgrade. Modern, secure POS systems encrypt credit card data as soon
as a card is swiped, and they immediately send that data to the payment
processor without temporarily storing data. Double check your POS system to
make sure it complies with PCI standards.
5. Segment your network. For example, make sure your POS data traffic is
separate from your Wi-Fi system, security cameras, digital menu boards and
other connections. If you want to enable managers to connect to the POS via
Wi-Fi, connect them through a virtual LAN that separates authorized traffic
into a security zone.
6. Keep your software updated. Manufacturers frequently update operating
systems and POS software to tighten security and eliminate weaknesses
vulnerable to hackers. Make sure you download the latest operating system
patches and keep all POS software up-to-date.
Tips for the Trade
Six Measures to Guard Your Network from Hackers
Restaurants are increasingly vulnerable to cyber threats
