Eye on Hospitality: Protect Your POS Systems!

Eye on Hospitality: Protect Your POS Systems!

By Paul Schlienz

“Ooh, baby, baby, it’s a wild world,” Cat Stevens sang in 1970, and if anything, the world is even wilder and more dangerous today than it was nearly 50 years ago. Threats that could barely be imagined in the 1970s, are everywhere today, and if you’re running a business, you need to get prepared.

Nowhere is this truer than in the realm of cybersecurity. As we detailed, in August, the Washington Hospitality Association met with representatives of the Seattle Office of Federal Bureau of Inspection (FBI) and the U.S. Attorney’s Office in Seattle. The reason for this meeting was to alert us of the growing threats to the hospitality industry from cybercriminals.

Even more recently, Sonic, the drive-in quick service chain, saw customer credit and debit cards stolen through a hack to its POS systems.

The breach was but the most recent in a series of recent data security breaches, including hacks of Whole Foods, and Equifax.

The Internal Revenue Service (IRS) has some good recommendations on how to protect your POS system data. Everyone who operates a hotel or restaurant needs to take heed.

According to the IRS, you need to

Identify and control who can access your data. Perform routine background checks on employees. Limit access to the system. Require individual user accounts for each employee. Create policies and procedures for information security. List the types of information you store and use. Maintain an inventory of IT-related equipment. And remember: Many hacks occur through wireless printers hooked to networks that still use a manufacturer’s default password. Never forget to change that password, or your data will be completely unprotected from hackers.

Use the latest hardware and software. Patch your operating systems and applications. Install and activate firewalls on all business networks. Secure wireless access points and networks. Activate web and email filters, and use encryption for sensitive business information. Get rid of old computers and media safely. Think seriously about putting an IT specialist on retainer to protect your business.

Install and update anti-virus, anti-spyware and anti-malware programs. Hackers frequently use email attachments to steal your data. Open the infected attachments and you’ll unleash viruses that compromise your system. Employees who log in to Internet sites using saved user names and passwords are also in danger of creating an opening for hackers. Keep all anti-virus programs updated and activated at all times since this is one of the best ways to detect security issues.

Put together a response plan in the event of data and information security incidents. If a data breach occurs, determine who makes the decision to begin recovery procedures and shut down the system and/or move to a backup site. List people and agencies to be contacted, including law enforcement, the IRS, state taxing agencies, attorneys, insurance providers and cyber-security professionals.

Back up everything of importance. Always remember to create full backups of important business data/information. Do it routinely, if not daily.

The bottom line: Protect yourself. It really is a wild world out there.

Read more
Categories: News Room