Today, we’re finishing our series on Security with a throwback Thursday (#tbt) post where we discussed the “Top 5 Data and Network Threats for Restaurants… And What To Do About Them.” Be sure to also read our Security posts on how to Segment Your Network to Protect Data and Avoid Inconvenience and Checking your Locks: 5 Myths About Safeguarding your Data.
The Internet can be a scary place, especially if you stay abreast of the data breaches that businesses large and small suffer on a daily basis. Where should you focus your attention, so you can address the network security threats most relevant to your business? Let’s look past the noise of media headlines and examine the most common ways which cyber-criminals compromise restaurant networks:
- Misconfigured remote access tools allow attackers to guess passwords and connect using compromised logon credentials. Don’t use default or easy-to-guess passwords for applications and systems that you access over the network. If you employ tools that provide remote access to PCs within your restaurant, be sure to enable two-factor authentication. This feature ensures that in addition to knowing the right password, the person needs to supply a second factor, such as a number displayed on a key fob or phone, to prove that he or she is not an impostor.
- Missing software security updates give attackers the opportunity to infect your PCs using booby-trapped websites and emails. As the result, malicious software might stealthily find its way on your computer as a side-effect of your normal web browsing and email-writing activities. Be sure to regularly update the software installed on your restaurant’s systems, paying particularly close attention to Microsoft Windows, Office, Adobe Reader, Flash Player and Java. Automate the installation of security updates using vendors’ own or third-party tools.
- Insecure Wi-Fi signal, used by guests or employees, could offer unauthorized access the restaurant’s internal networks. Cyber criminals can exploit Wi-Fi configuration weaknesses, such poor encryption or easy-to-guess passwords, even without entering the restaurant. This may allow them to access business applications and payment systems as if the intruders were sitting in front of your PCs. To address this risk, separate critical networks from other wireless networks. Also, be sure to enable WPA/WPA2 encryption, select strong passwords and, whenever practical, employ a wireless intrusion detection system.
- Malicious software can be inadvertently introduced into your network by plugging in an infected USB key or laptop. The USB key or laptop might have gotten infected earlier and may be acting as virus carriers. Avoid plugging untrusted devices into computers or networks used for sensitive business transactions. Also, employ security tools, such as a firewall, antivirus software and application whitelisting, so that they protect you not only from threats coming from the Internet, but also from your internal network.
- Intruders can stealthily pilfer business records and customer data if you don’t restrict access to the Internet from the internal network. Set up your security measures with the assumption some safeguards might fail without your knowledge. To make it harder for the intruder to steal sensitive information, such as credit card details, configure your firewall to restrict access to the Internet. Your sensitive networks, such as your POS environment, should only allow access to the websites needed for POS, payment-processing related business functions.
Cyber-criminals employ diverse and often creative tactics for obtaining unauthorized access to IT infrastructure. Their goals involve misusing the victim’s computer systems, stealing data, wreaking havoc on the network and compromising the company’s brand. Due to the many venues for intruders to compromise your environment, it’s easy to be overwhelmed if you’re new to the world of data and network security. The five areas above offer practical ways to get started with safeguarding your business from cyber-criminals. If you don’t have the resources on staff to handle data security, enlist the aid of a company that specializes in addressing restaurants’ network security concerns.
Learn more about how NCR can help protect your restaurant.
Written by: Lenny Zeltser, Director, Product Management at NCR Corporation
Lenny Zeltser is a seasoned business leader with extensive experience in information technology and security. As a product management director at NCR, he focuses on safeguarding IT environments of small and midsize businesses world-wide. Lenny frequently speaks on security and related business topics at conferences and industry events, writes articles, and has co-authored books on forensics, network security and malicious software. He is one of the few individuals in the world who’ve earned the highly-regarded GIAC Security Expert (GSE) designation. Lenny has an MBA degree from MIT Sloan and a Computer Science degree from the University of Pennsylvania.
The post Top 5 Data and Network Threats for Restaurants… And What To Do About Them appeared first on NCR Hospitality Blog.Share