If your restaurant accepts credit cards, you’ve probably heard of “PCI compliance.” Every restaurant – big or small – must comply with the PCI Data Security Standard if they accept credit cards. Established by major credit card brands, this standard helps protect customer credit card data and safeguard against the threat of a data breach.
By securing customers’ payment cards and information, PCI compliance will not only help you avoid penalties and liability associated with a breach, but it will also build customer loyalty. About 6 out of 10 customers say they’d never return to a business where their credit card information was stolen.
If you’re interested in reaching PCI compliance, here are some tips to improve your restaurant’s data security.
The best way to establish a secure computer network for your POS system is to segment it from your other networks. Keep your POS system behind its own firewall and on its own router, away from other networks such as the Wi-Fi you provide to your customers or the back-office computer where you surf the internet. This segmentation will make it harder for hackers to reach your POS and payment card data through those other networks.
In the eyes of the law, merchants are responsible for their employees’ actions with card data security. Establish a policy for how employees should handle payment card information and train your staff. A simple and concise policy will clear up any confusion front or back-of-house staff members may have when it comes to their security responsibilities. Work closely with your employees to craft a plan that gives everyone an equal part in protecting cardholder data.
One of the easiest ways to increase security is to limit access to stored cardholder data and create a unique ID for each employee that signs in to your restaurant’s POS system. By only giving employees access to the information they need, you’ll reduce the chances of cardholder data getting into the wrong hands.
Check in with your restaurant’s processor or hosting provider to ensure your restaurant’s security systems are being regularly tested. You should also monitor cardholder data from time to time so that suspicious activity doesn’t go unnoticed.