From mom-and-pop operations to large conglomerates, no restaurant is immune to the threat of a cyberattack. The impacts are real and can be devastating. However, regardless of the size of the restaurant, owners and operators can take steps to protect against cyberattacks and security breaches.
Here are several expert tips from Dr. Satyamoorth Kabilan, security expert, Cyber Security Centre, The Conference Board of Canada, to help you safeguard your business.
UNDERSTAND WHO IS AT RISK
Everyone processing or storing information is at risk from cyberattacks. Threats and attacks using spyware, phishing, hacks and ransomware are looking for business data, customer data, email addresses and passwords, credit-card numbers and even an employee’s personal information.
FIND OUT WHERE YOU ARE VULNERABLE
Kabilan notes cyberattack risks vary by the size of the restaurant and the types of data collected and used. “First,” he says, “ask yourself, ‘how much personal data do you hold?’ That’s usually a very big target. Secondly, ‘what happens if my system goes down or is compromised? What would I do, how long can I survive, and is my business still viable?’”
ELIMINATE BAD PRACTICES
An old PC running Windows 7 with personal employee information might not seem risky, but it’s one of the worst offenders. Similarly, keeping a file with logins and passwords for staff to access accounts and platforms poses a risk. Even using the same email address and password to login to numerous accounts is a no-no. Get a new computer, create separate logins for all users and use a password manager.
Updates fix vulnerabilities and protect against new threats. Kabilan stresses the importance of updates and urges restaurant owners not to use an outdated version of any software or operating system. “One of the biggest things we always advise, no matter what size the organization, is to patch and update. It’s a simple thing to do — no matter what size [your operation is] — and will help protect your organization from a cyberattack,” he says.
DON’T TRUST EMAIL
Although spam filters work to eliminate much of the obvious junk, emails impersonating an honest source (such as a boss or financial institution) are commonly used to extract information or plant malicious code. Don’t open attachments, follow links to websites, or transfer money unless you’re confident in the authenticity of the request and the source. Additionally, train all staff to do the same.
KEEP YOUR WI-FI SEPARATE
Unknown users on your Wi-Fi pose yet another risk to data stored on your network. Create individual Wi-Fi access points for each segment: one for guests, another for your POS and another for office admin.
INSTALL A FIREWALL
A firewall is a network-security system that uses pre-set security rules to control and monitor the flow of traffic. It’s installed to read data coming into the network and encrypt data going out, providing yet another layer of threat protection.
BACK UP YOUR DATA
Backing up is more than a best practice. In the case of a ransomware attack, the threat is null if there is a recent backup.
Written by Andrea Victory