Don’t phish for answers. Protect yourself from cyber harm

Cyber criminals target companies of all sizes, but small and independent businesses, like restaurants and retail operations, can face the greatest risk. The reason: They often lack the security infrastructure that larger businesses possess to adequately protect the systems that store, access, and disseminate the data they collect. That’s why knowing and practicing some cybersecurity basics can help reduce the risk of cyberattacks now and in the future.

As we head into the new year, here are 6 tips to help protect your businesses from cyber harm.

1. Protect your networks. Secure your internet connection by encrypting information and using firewalls. Encryption protects information sent over your network so it can’t be read by outsiders. If you have a Wi-Fi network, make sure it’s secure and hidden. To hide your Wi-Fi network, set up your wireless access point or router so it doesn’t broadcast the network name, known as the Service Set Identifier (SSID), and password-protect access to the router. If you have employees working remotely, use a Virtual Private Network (VPN) that allows them to securely connect to your network away from the office.
2. Limit access. Know who has access to your equipment and data sources. By limiting who can use or log into your restaurant’s computer server, you can prevent rogue or careless employees from inadvertently downloading hostile or intrusive software, including computer viruses and other malicious programs.
3. Train your staff appropriately. Employees should be informed about who’s responsible for your systems, and who can give authorization for internal access as well as access to service technicians and other third-party vendors, such as distributors. Create a culture of security by implementing a regular employee training schedule and by updating them when you find out about new risks and vulnerabilities.
4. Practice password security. One of the most common ways hackers get into computers is through weak passwords or passwords that came preloaded on the system. Require the use of strong passwords that typically consist of at least 12 characters. They can include a mix of numbers, symbols and capital and lowercase letters. Do NOT reuse passwords, and don’t share them in texts or by email. Remember to protect your data by changing passwords regularly, too, especially after employee or vendor turnover.
5. Enable multi-factor authentication when accessing areas containing sensitive information. This requires an extra step beyond logging in with passwords, such as incorporating a phrase, PIN, or even face recognition. You can also ask your vendors if they, too, offer MFAs for financial, accounting, or payroll accounts.
6. Protect payment card data. Comply with Payment Card Industry Security Standards Council (PCI SSC) standards. Work with your banks or card processors to ensure you’re using the most trusted and validated tools and anti-fraud services. You may also have additional security obligations related to agreements with your bank or payment processor. Be sure to isolate payment systems from less secure programs, and DO NOT use the same computer to process payments and casually browse the internet.

For more information on cybersecurity protections for the foodservice industry, download the National Restaurant Association’s Digital Security 101 and 201 guides to Protecting Restaurant Data.