Ryan Williams
Jeremy Julian

What to Do if You’ve Been Breached

January 24, 2015

What to Do if You've Been BreachedRemember the olden days when you had to use a pay phone or wait until you got to your destination to call someone? When was the last time you sent (or received) a handwritten letter? And if you couldn’t remember the name of that famous actor in that movie? Well, you’d just have to go to bed that night hoping your subconscious would wake you up with the answer.

Though you may have a love-hate relationship with it (you may even consider yourself a Luddite), we’re pretty sure you’ll agree that overall, technology is a good thing. It is responsible for countless advances in medicine, science, travel, manufacturing, law enforcement, IT – and fields we didn’t even know existed. It has saved lives, made jobs easier, allowed for instant communication, and made our homes, neighborhoods, and country safer.

What to Do if You've Been BreachedWe love technology. But every good thing has its price. Sadly, there are always nasty people who come along and try to ruin a good thing. Hackers are out there, prowling around the internet, looking for vulnerabilities so they can steal credit card data and other sensitive information for their greedy, fraudulent schemes.

As the Restaurant Technology Guys, we’re big fans of the latest and greatest technology. We love finding ways to help increase customer satisfaction, reduce staff errors, and expedite orders to increase revenue. However, as business owners, we also understand that technology should support a business, not harm it. Managing exposure to risk is a serious undertaking, and in the hospitality industry, protecting your brand reputation is of paramount importance.

According to Hospitality Upgrade Magazine, “Even if a compromise event never results in financial losses, it can still lead to a loss of customer loyalty and unfavorable brand reputation – if not dealt with quickly, thoroughly and openly” (emphasis ours). And that’s key: how you handle it.

Fortunately, there are steps you can take now to prevent a security breach, AND steps you can take in the event of a security breach that will help protect your customers and your reputation as a trustworthy establishment.

Bottom line: If integrating some new technology would benefit your restaurant, don’t let fear prevent you from doing it. Just be cautious, proactive, and honest.

Here are some tips on preventing a breach, and what to do if you’ve been breached:

STEP 1: Prevention is the Best Cure

Preventing a security compromise boils down to proactivity. First and foremost, regularly monitor your systems for early warning signs of a breach. Those warning signs include suspicious activity and malicious software or unusual code popping up in your system.

Here are some other important preventative measures:

  • Maintain compliance with the Payment Card Industry Data Security Standard (PCI DSS) and Payment Application–Data Security Standard (PA-DSS) — (This can get pretty technical, so you might want to consult a security specialist to ensure you’re compliant.)
  • Stay on top of security and software updates
  • Install a firewall that allows network traffic only where there is a defined business need
  • Be sure all sensitive data is encrypted and tokenized
  • Install anti-virus, anti-spyware, anti-malware, and intrusion detection software

Finally, set up protocols and measures you will take in the event of a security breach, so that if the unthinkable happens, you’ll be prepared to handle it like a well-oiled machine.

Shameless Plug Alert: CBS has 24/7 customer support (via phone, in-person, and in the field) by highly trained experts, as well as extensive learning opportunities for our customers to ensure optimum functionality and security of your Northstar and other systems.

Related Post: Protect and Secure Your Recipes!

STEP 2: TCB

TCB: Take Care of Business. No time to lose – if you have experienced a security breach, act immediately and openly.

Immediately: Take action to contain and limit the exposure of sensitive data. Begin a thorough investigation to determine the source of the breach and preserve any and all potential evidence. Follow your incident protocols.

Next: Alert all necessary parties, including your internal incident response and information security teams; your merchant bank (if applicable); and the appropriate law enforcement agency.

Now, notify your customers. You might be tempted to wait until you have more information, but it’s best to get the news of a breach to the public so customers don’t feel like you sat on the information and placed them at further risk. Plus, you want to anything that will make you look unprofessional, like the press leaking information that you haven’t yet provided.

Be transparent. Take responsibility for the security breach and express your regret. Then move onto the solution. Just as you took the blame for the compromise, now take credit for the solution. Let customers know what you are doing to remedy the problem, and what you’ll be doing to prevent it from happening again.

Put an executive on the front lines. Do not expect customers to be satisfied with a message from your IT department or lower level management. Hearing directly from the CEO or president will demonstrate that you are taking this very seriously and will help customers feel more at ease.

What are some other steps a restaurant can take to prevent or remedy a security breach? Tell us in the Comments section below!

 

 

Comments are closed.

The RTG Update

Once a month we send the latest RTG Podcasts, news and more right to your inbox.

  • ○ Trendsetting restaurant technology
  • ○ Tips on operations efficiency
  • ○ Real world advice for restaurateurs

Copyright

Copyright 2011-2017
Custom Business Solutions, Inc.