NRA We Serve America's Restaurants Representing nearly 500,000 restaurant businesses, we advocate for restaurant and foodservice industry interests and provide tools and systems that help members of all sizes achieve success.
    NRAEF Building & Retaining Talent The NRAEF is focused on developing a stronger workforce and building the next generation of industry leaders through education, scholarships and community engagement.
  • NRA Show
    NRA Show May 19-22, 2018 As the international foodservice marketplace, the NRA Show provides unparalleled opportunities for buyers and sellers to come together, conduct business and learn from each other.
  • ServSafe
    ServSafe Minimize Risk. Maximize Protection. For over 40 years, ServSafe® training programs have delivered the knowledge, leadership and protection that have earned the trust and confidence of business leaders everywhere.

National Restaurant Association - 6 measures to protect your network from hackers

Skip to navigation Skip to content

Manage My Restaurant

Email Print

6 measures to protect your network from hackers

More than seven out of 10 dining establishments in the United States are single-unit operations. Like all retail small businesses, restaurant payment systems can be targets of data security intrusions.

Criminals see small businesses, including restaurants, as easy opportunities for criminal activity. There are hundreds of thousands of locations, and, in the aggregate, millions of payment-card transactions. Data security is one of many risk areas owner-operators must manage and shortcomings persist in many restaurant network-security practices.

Restaurants are increasingly vulnerable as innovative digital solutions proliferate. Wi-Fi, security cameras, point-of-sale systems, wireless credit card processors and digital menu boards are among the technologies that connect with restaurant networks through IP addresses.

Each IP address on a restaurant network is a potential entry point for cyber criminals, and many unsophisticated networked solutions cannot distinguish between “good” and “bad” traffic.

It is important to remember that businesses are responsible for protecting their customer’s credit card data from cyber criminals just as they are responsible for keeping robbers out of their establishments. In the area of data security risk mitigation, restaurateurs have guidelines to assist them in the form of payment-card industry data-security standards.

Keeping your network safe

Despite vulnerabilities, new digital solutions can improve operations, enhance the customer experience and boost the bottom line. It’s not necessary or cost-effective to put non-payment solutions on a separate physical network to isolate them from cardholder data.

These six measures can help secure cardholder information while allowing normal network data flow in your restaurant:

  1. Maintain a strong firewall. The PCI data security standards prescribe firewalls for compliance. Make sure your firewall is hardened and is supported by virus protection software.
  1. Conduct regular scans of your network. The best way to determine if your systems have been compromised is to scan them regularly for vulnerabilities. For relatively low annual fees, a security vendor will remotely scan all of your external systems access points to determine if any are vulnerable to intrusion. This service is analogous to have a regular pest control inspection to identify infestations. Use a reputable, professional company to conduct these electronic scans regularly.
  1. Limit remote access. Many restaurants leave their firewalls open to outside entry by mangers working remotely or vendors who routinely perform maintenance on systems.Create strong passwords instead of using the default codes, and change them often. Similarly, always change default firewall settings to allow only essential access, and limit remote access to secure methods such as VPN.
  1. Ensure all credit card data is encrypted. If you have older POS equipment that sends raw credit card data to a back-office server, it may be time to upgrade. Modern, secure POS systems encrypt credit card data as soon as a card is swiped, and they immediately send that data to the payment processor without temporarily storing data. Double-check your POS system to make sure it complies with PCI standards.
  1. Segment your network. For example, make sure your POS data traffic is separate from your Wi-Fi system, security cameras, digital menu boards and other connections. If you want to enable managers to connect to the POS via Wi-Fi, connect them through a virtual LAN that separates authorized traffic into a security zone.
  1. Keep your software updated. Manufacturers frequent update operating systems and POS software to tighten security and eliminate weaknesses vulnerable to hackers. Make sure you download the latest operating system patches and keep all POS software up-to-date.

Addressing these issues is a smart step to help you protect your customers’ data, your reputation and the integrity of your payment card processing environment.

This content was provided by ANX/Earthlink. 

▲ Back to Top

Find Health Care Solutions

Health Care HQ 2017

Meet Business Needs


We're glad you're here!®

® 2012-2017 National Restaurant Association. All rights reserved.

2055 L St. NW, Suite 700, Washington, DC 20036
(202) 331-5900 | (800) 424-5156