As the owner or manager of a restaurant operation, you need to be keenly aware of the standards required for those who accept credit and debit cards, such as Visa, MasterCard, American Express, Discover and similar credit or debit card providers. Even one breach can be devastating to the image of your business, and turn customers to your competitors.
Three Aspects of PCI Compliance for Restaurant Operators:
- Network infrastructure and security architecture
- Maintaining up-to-date software versions
- Security settings within the software programs
Responsibility for Security of Data Falls on Restaurant Owner/Operator
Being PCI data security compliant is the responsibility of the restaurant owner and managers. When setting up your business, this compliance is not visible as part of the routine activities of establishing a new business operation, such as obtaining business permits, licensing, inspections and similar restrictions of municipalities where the operations are located. But finding out all the standards and requirements is vital.
Maintaining Data Access Security in Compliance
In order to establish the highest security for your POS system, an important step, if you have not already done so, is to upgrade your POS software to a Payment Application Data Security Standard (PA-DSS) validated version.
- Check to see that your system is operating with a version of Windows that is currently supported by Microsoft on all of your operations’ POS hardware.
- Update your operating system anytime Microsoft releases a patch.
- Be sure your have unique Windows login usernames for each employee accessing the Aloha Back Office PC.
- Check to verify that your operating system, as well as your wireless Internet access tool, has a commercial grade firewall, able to be configured to restrict inbound and outbound traffic, and provided with ongoing updates and maintenance.
- Make sure that your system has antivirus software that is constantly updated and regularly scanning your system for viruses.
- Have a separate POS computer network for going online, routine e-mail activities and web browsing. For maximum security, the POS computers used for the Aloha Back Office system should be isolated from other normal computer access in a separate area. POS Data Security and PCI Compliancy must be your top priority for your system handling your customers’ data and your business’ transactions.
As leaders in the point of sale industry technology, Aloha and NCR have developed validated data security software completely integrated with all of their POS technology.
Network Security Suite Package
Hospitality Control Solutions can provide your restaurant operations with a complete Network Security Suite Package to help ensure your PCI compliancy with industry standards. This solution upgrades your existing security capability, lowers the risk for credit card and data breach, and encompasses these features:
- Site Shield—a manager commercial-grade hardware firewall service with extras
- Secure Access—a two-factor secured application for accessing the POS Back Office PC and network
- Threat Defender—an ongoing monitor and network defense service
The Breach Assistance program from Network Security Services, provides up to $100,000 in coverage in the event of a suspected or actual data breach.