At the core of each successful restaurant, is a Point of Sale system. The restaurant POS system serves as the primary system for processing and managing transactions. Like any payment technology, it can be susceptible to data breaches and employee theft.
In fact, according to a 2014 report, the food and beverage industry ranks as the second most frequently compromised industry, with POS breaches accounting for 33% of investigations.
On top of that, a recent study showed 75% of employees admit to stealing from their employer at least once, amounting to $50 billion per year.
In an age of widespread debit and credit card usage – which results in increasing data and internal theft – it’s important that cyber security measures are in place to limit the possibility of stolen customer information.
For restaurants implementing a POS system, or for those that already have one in place, taking the necessary safety precautions will reduce the possibility of theft.
Let’s take a look at some POS security questions restaurants should be asking:
#1 – Is Our Online Access SSL Protected?
If a restaurant accesses POS information remotely, the code must be encrypted. Sensitive POS information, such customer demographics and credit card numbers, is susceptible to hackers if a restaurant fails to use an SSL certificate.
When online access is SSL protected, only the intended recipient can understand the transmitted information. My Digital Shield advises a 128-bit SSL encryption for credit card information transmission.
#2 – Have We Employed a Point-to-Point Encryption System?
Since restaurants are particularly susceptible to POS hacks, Gartner security analyst Avivah Litan suggests employing a point-to-point payment encryption. “They [restaurants] should look for vendors that offer it and insist their vendors supply that to them.”
Food Fanatics continues, “[Point-to-point payment encryption system] encrypts the data inside a POS Card reader until it reaches the payment processor. If hacked, the information would have no value because it would not contain any card numbers or personal information.”
#3 – Have We Installed Security Software?
POS security software can keep your data safe even when networks are down or forced offline. According to The SANS Institute (PDF), local authentication is “traditionally less robust and stores all transactions locally until the network is brought back online. By forcing the location to store all the transactions locally, this creates an opportunity for the bad actor to easily collect all the transaction information.”
Restaurants can protect their POS system at all times by using with security software that works without a network connection. “By locking down a trusted image to an approved whitelist, the security controls should be active and effective without dependency on software and signature updates,” notes McAfee.
#4 – Is Our Restaurant POS Software Up-to-Date?
Most POS system manufacturers frequently update their software in order to tighten security and eliminate vulnerabilities, according to the National Restaurant Association.
Restaurant owners should “make sure [they] download the latest operating system patches and keep all POS software up-to-date.”
#5 – Have We Changed Passwords or Scanned Recently?
Another way to limit internal and external theft is regularly testing and changing passwords. The Point of Sale News says a common mistake in maintaining maximum security is the use of no password, a weak password, or a password that’s been the same for a long period of time.
If you’re creating a password for the first time, make sure it’s strong enough (the factory default, POS vendor name, and restaurant name are not suggested).
Routine tests for vulnerabilities and compromises are essential too. “Regular scanning is the most effective way to determine whether your systems are at risk or have already been compromised,” continues The Point of Sale News. Whether this is done in-house or remotely, it’s an important step in catching potential entry-points for hackers.
A restaurant POS system contains a wealth of information, making it attractive to hackers. Restaurateurs need to protect their software system in order to keep guests’ identities safe.
Restaurants that employ these security tactics lower their chances of seeing customer information and money in the wrong hands. This strategy improves customer trust.
What tactics do you use to keep your restaurant POS system secure?