Handling electronic data is an unavoidable part of operating any business today, but what would happen to your restaurant if that sensitive information was the target of a cyberattack? We tend to remember big, scandalous data breaches like Equifax or Sony, but that’s only because they are highly publicized. In reality, an estimated 90% of cyberattacks affect small businesses and the average cost of one is $116,967. Couple that with loss of customer trust and suddenly it’s no surprise that 60% of small businesses go out of business within 6 months of a data breach.
5 Cyber Security Tips to Keep Your Restaurant Business Safe
1. Use different passwords for your accounts.
Using the same password for multiple accounts means easy access to more assets if it gets in the wrong hands.
- Don’t use default or common keyboard patterns for passwords (e.g., 123456, QWERTY)
- Create strong passwords by mixing upper and lowercase letters, using numbers and symbols, and avoiding common words
- Use different passwords for different sites—you can use a password manager to keep track of them
2. Don’t open suspicious email attachments.
Phishing, or posing as a trustworthy entity to trick recipients into revealing sensitive info, is one of the most common ways criminals steal important data. Clicking on a phishing attachment can install malware or ransomware in order to steal account usernames and passwords.
- Before opening an email, consider whether the message is from someone you know and if you’re expecting the email. If not, you may want to delete it or report it to your email provider
- Look for spelling errors or strange email addresses in the message, which may be a sign of a phishing attempt
3. Don’t send unsecure, sensitive data electronically.
Emails and instant messages that contain private information need to be encrypted. Cybercriminals are adept at intercepting and stealing sensitive data, including customers’ credit card numbers and employee personal information.
- Password protect all sensitive documents. Provide the password to the recipient in a secure way
- Encrypt emails containing social security numbers, financial data or passwords. Refer to your email provider for instructions
- Use OTR (off-the-record) messaging to automatically encrypt sensitive info sent via instant messages. Some messaging services have this feature built in, or it can be added as a plug-in
4. Secure your Wi-Fi networks.
Restaurant owners are increasingly at risk as it becomes more common to offer free, open-network Wi-Fi to their customers
- Provide a separate Wi-Fi network for customers and designate a private network for business activities, so customers can’t easily tap into any sensitive information
- Secure both Wi-Fi networks with different passwords and display the customer password on an easily accessible sign
- Hide your business’s private Wi-Fi network name—it won’t show up when customers are looking to connect to a network and tempt them to tap into it
5. Educate employees about data security.
All employees should be made aware of your cybersecurity policies, know how to spot phishing emails, and be aware of protocol if they notice suspicious activity on accounts.
- Have a policy in place so employees know what constitutes a cybersecurity threat
- Encourage employees to report any suspicious activity, no matter how small or insignificant it may seem
- Remind employees about the dangers of weak passwords and the risk of online accounts being compromised. Encourage them to change their account passwords every 4-6 months.
As a restaurant owner, you may not think data security should be at the top of your to-do list, but it should be. With the increasing use of credit card payments, delivery systems, and mobile and online ordering—where customers are providing their names, emails, credit card info and physical addresses—restaurants are a lucrative target for cybercriminals looking to profit from customers’ personal data and payment information.