Best Practices for Ensuring Facilities Management Data Security
Cybercrimes in the highly connected, digital world we live are inevitable. Restaurants, especially large-scale chains, are no exception to this rule. Restaurants today operate massive point of sales systems that process very sensitive financial data, including tens of thousands of credit card information. This makes restaurants an attractive target for bad actors in the cyberworld known as hackers, generating alarming headlines like this one.
In fact, several of the largest food chains have been impacted by data breaches in recent years. In 2017, Chipotle reported a data breach that affected 2,250 of its restaurants, and more recently, three Disney Springs restaurants were caught in a data breach involving credit and debit card information, spanning over a 10 month period.
Restaurants also generate a lot of data about their facilities, contractors, and payments across multiple locations and there needs to be a safe and secure place to store it all. For restaurant managers, implementing a facilities management software that not only streamlines your existing processes, but ensures your company does not become at risk for sensitive data loss, is critical.
In this post, I’ll dig into 5 of the best practices for ensuring facility data security at your restaurant:
Deploy Secure Cloud-Based Software
Like any connected enterprise, restaurants are working with large amounts of facility data, such as work orders, assets & equipment, and contractors. Having visibility of this data throughout the work day is essential for the upkeep of a restaurant, where no two days are the same.
Cloud-based software with the appropriate levels of security and data management best practices allows both restaurant managers and the facility management team to remotely access their FM data at any time, such as the current status of work orders:
Say a dishwasher stops working. Employees need to know when the work order was sent out and what the ETA is on someone to arrive and repair it. This information helps staff figure out how long they will need to hand wash dishes or how the delays will affect production speed for the rest of the restaurant. When all parties are in the know about critical issues, it leads to better collaboration and faster resolution.
With cloud systems you can also easily establish different levels of user access and authentication. This is an important safety element when external users such as contractors or service providers view work order details and invoice information. By isolating the software application from external users, it eliminates the possibility of unauthorized access and viewing sensitive data.
Put Backup Processes in Place
Everyone who runs a large business knows the reality of needing to be prepared for worst-case scenarios. As much as we want to feel confident in our data management software, there should always be a process in place for backing up all data in case it is subject to a breach or attack.
Imagine if your FM system was hacked and your invoicing information was leaked. Not only would this severely impact the ability to pay individual invoices or approve payments in bulk, but it would also tarnish your reputation with contractors who are counting on FM system to be secure and accurate.
While this is definitely ‘worst-case scenario’, having technology that automates the data backup process and securely stores your backups in multiple locations is critical in avoiding the repercussions of a data breach.
Ensure Disaster Recovery
Along the same vein as ‘worst-case scenario’, restaurant managers need to think about how they will protect their data in the case of a data center or individual equipment failure.
A weather-related emergency can cause your power supply to be interrupted and regular restaurant functions put on hold. While working to get everything back up and running, restaurant managers need to be worried about the impact delays will have on the customer experience, how payments are going to be processed, and of course, data security.
Data security issues due to power loss can often be avoided by having data spread across Availability Zones. While you are working to get your system back to maximum capacity, FM software will stunt your vulnerability to a data breach and the potential for more disasters.
Encrypt Your Data
Encryption, the process of using an algorithm to encode information so that only authorized parties can access it, is a critical layer to data security. You will want to ensure the software you use encrypts every piece of information that plays a role in restaurant operations, such as company and contact information, service requests, work history, reports, proposals and invoices.
Data encryption has proven to be one of the most popular and effective data security methods used by organizations.
Make Sure You Are Compliant
The restaurant industry has standards in place that ensure that sensitive data, once entered into a system, is protected from unauthorized use. Any business that accepts credit cards as a form of payment is required to be PCI compliant. This is a security standard developed by major card brands to help protect customers’ data and safeguard against the threat of a data breach.
Service organizations are also now required to be SSAE 18 compliant. Under these guidelines, organizations need to have a specific management program for their third-party vendors. It also requires implementing a formal Annual Risk Assessment process, detailing a specific plan proposing how a company will handle risk management.
Not meeting these standards, or being non-compliant, can bring your restaurant into major legal or financial trouble. One way to ensure you are maintaining compliance is by making sure all of your procedures, processes, systems, and controls have been formally evaluated by an independent auditing firm.
Cybersecurity in the restaurant industry has been a prevalent issue for years. According to the latest IBM data breach report, the global average cost of a data breach is now $3.26 million - a 6.4% increase from 2017. Thankfully there are a number of best practices you can implement into your business strategy that have proven to help the safety of your business and customers. Continue to stay up to date on security trends, and your restaurant can continue feeding happy customers for years to come.
About the Author
Lev Kurts is the CTO at ServiceChannel, ensuring that the company has an innovative and credible technology strategy and plan that supports its business goals. Lev has nearly a decade of experience in managing highly distributed teams responsible for the design and development of business-to-business software solutions. Before joining ServiceChannel, Lev served as Director of Product Management at Workspeed Management where he led the product line strategy and roadmap and was fully responsible for the design and market delivery of multiple product versions and dozens of customer-driven features.