Advertisement
06/15/2021

As Restaurant Brands Go More Digital, Cybersecurity Becomes Table Stakes 

Insufficient cybersecurity presents unnecessary risk to brand and revenue streams. Here's why you should consider a layered defense approach to securing the POS.

Digitization is the buzzword of the year for the restaurant industry, and new technologies have cropped up across channels. Integrations like online ordering, kiosks, mobile apps, and mobile POS have transitioned from nice-to-have, to need-to-have.

For many, this meant quick adoption to stay competitive, and now it’s time to shift perspective to the impact these technologies can have in the long run on your business. Rushed integrations, poorly evaluated solutions, or unprotected endpoints can have severe operational and reputation-damaging effects.

While marketing and brand identity are major in the restaurant industry and require significant investment every year, one critical investment is left on the table far too often: risk and reputation mitigation through proper cybersecurity. Insufficient cybersecurity presents unnecessary risk every day, and breaches can pose a serious threat to brand and revenue streams.

Brand reputation relies heavily on consumer trust. Do they trust you to provide great and consistent service every visit?  Do they trust you with their payment information in-store? Can they trust you to safeguard their data on an app?

If brand protection is important to you, security should be too. Avoiding compromise means understanding your attack surface, and for most, it’s the POS environment. Before diving into the best way to secure the POS, you should be aware of the wide-reaching implications of compromise in the POS environment.

graphical user interface

What You Stand to Lose 

A Forbes Insight report found that 46% of organizations suffered damage to their reputations and brand value as a result of a data breach.  Not considering the hard costs of mitigation, including fines and downtime, breaches impact the way customers view and interact with your brand. More than one third of respondents to a 2019 study by Ping Identity would stop engaging with a brand altogether if it had experienced a breach.

The restaurant industry can be a lucrative space for threat actors, with the promise of payment data on in-store POS systems, online and in applications. It is clear that securing the POS environment – and all the connecting endpoints around it – is key to an overall effective cybersecurity strategy and retaining customer trust.

A Layered Defense Approach to Securing the POS

While securing the POS requires some investing, it does not need to be expensive. The best way to start is to prioritize layers of defense.

  1. Make sure your POS environment is compliant with PCI DSS standards.

These standards protect both the merchant and the customer. Ensuring compliance means you will equip your systems with point-to-point-encryption, updated anti-virus software and so many other essential pieces to the cybersecurity puzzle.

  1. Segregate networks within the store.

 The POS network should be well isolated from other networks in the store environment to keep risk of compromise low. For example, if a hacker sent a phishing email to the manager’s computer and infiltrated the network from there, they should not be able to simply sidestep over into the POS environment.

  1. Evaluate implementation security and resilience.

 While new and innovative integrations like ordering systems in the cloud can be a valuable addition to operations, you must take a critical eye to the security and resilience of the integration.  If, for example, one system went down due to compromise, will every store in your environment not be able to receive orders? Working with a carefully evaluated provider can ensure that these additions are made with resilience in mind.

  1. Add staple security measures.

Just covering your cybersecurity bases is an excellent start to protecting your brand. Implementing a firewall, securing the Wi-Fi and conducting regular vulnerability scans can be the foundation of a solid security posture. A trusted partner can help with the execution and provide ongoing services that add to your layered defense.

While cybersecurity may not be top-of-mind for many in the restaurant industry, it needs to be. Ask yourself each year, is your restaurant technology optimized for the new normal? Proper security controls put up a guardrail for store operations, customer trust and positive brand identity. For continued success in the digital era, start investigating the levels of risk at your restaurant locations with some helpful resources, and add cybersecurity to your budget ASAP.

About the Author

Jason Graf is the Vice President of Product Management – Secure Edge Networking at Netsurion. Jason has spent 20+ years in IT and cybersecurity. In 2018, he joined Netsurion to ensure business needs are met by the edge networking technology platform and services.

a person posing for the camera
Jason Graf is the Vice President of Product Management – Secure Edge Networking at Netsurion.

While cybersecurity may not be top-of-mind for many in the restaurant industry, it needs to be. Ask yourself each year, is your restaurant technology optimized for the new normal? Proper security controls put up a guardrail for store operations, customer trust and positive brand identity. For continued success in the digital era, start investigating the levels of risk at your restaurant locations with some helpful resources, and add cybersecurity to your budget ASAP.

ABOUT THE AUTHOR

Jason Graf is the Vice President of Product Management – Secure Edge Networking at Netsurion. He has spent 20+ years in IT and cybersecurity. In 2018, he joined Netsurion to ensure business needs are met by the edge networking technology platform and services.