Media Kit

Fb Share

A Wall Street Journal article, Hackers Shift Attacks to Small Firms, has many more people paying attention to security issues, and for those of us in the security industry, we welcome the shift in attitude. As a security provider, we constantly have to answer the question, "Why should someone as small as me take security seriously?" Before this article, we had to site our own experiences with helping small merchants who came to us after they had been breached. Due to our confidentiality agreements, and the interest of our customers, we rarely have been able to discuss details with other small merchants who were vulnerable. This article is a welcome sight to those of us in the trenches who are trying to spread the word that computer hackers are real and that they love small businesses. On the whole, few businesses are more vulnerable than small QSR and fast casual restaurants for the following reasons:

  • There is rarely an IT budget for security.
  • It would be unusual to have someone on staff who fully understands credit card security.
  • There is a huge amount of turn over in the industry. Think about how easily a hacker could get hired as a dishwasher, plant malicious software on a system that steals credit cards and leave. No one would notice another short term employee.
  • And QSR and fast casual restaurants go through a large volume of credit cards in a day. Unlike many other retail environments where there are a few high-dollar sales per day, a successful restaurant sees hundreds of people who pay with credit cards.
  • To speed up the check-out process and manage the store efficiently, most successful restaurants have adopted an integrated POS system that is really a computer network running a specialized software package that frequently stores credit cards and processes them over the Internet at the end of the night.

When you put all of this together, you could not ask for a better target if you were a hacker looking to steal credit cards. Theft is a business to cyber crooks. They want the most return for the least amount of effort, so the educated merchant does what is necessary to make his location less attractive to on-line thieves.

One source that merchants can used as a guide is the Payment Card Industry Data Security Standard (PCI), which is the minimum security the credit card brands expect from a merchant who accepts credit cards. The current standard can be found at The PCI Security Standards Council's web site. In PCI, a merchant can find several security measures designed to deter hackers from attempting to steal their credit card data. Even if a mom-and-pop restaurant cannot meet all PCI standards, it would be better to implement the security measures that are practical today, than to ignore the problem altogether. While it is important for every business to become fully PCI complaint, the first goal for any security plan it to make your business difficult to break into, so a thief will move down the road and hit an easier target.

Slowly but surely, more businesses are getting the message – Acting now is better than being a victim in the future.

Related Content

User Comments – Give us your opinion!
Products & Services

LG 84WS70BS-B

http://global.networldalliance.com/new/images/products/6419.png

6419/LG-84WS70BS-B

LG 32LN549E

http://global.networldalliance.com/new/images/products/6457.png

6457/LG-32LN549E

LG 47WS50BS-B

http://global.networldalliance.com/new/images/products/6433.png

6433/LG-47WS50BS-B

Check Point

http://global.networldalliance.com/new/images/products/1843.png

1843/Check-Point

Digital Menu Boards

http://global.networldalliance.com/new/images/products/6681.png

6681/Digital-Menu-Boards

Online Ordering

http://global.networldalliance.com/new/images/products/5931.png

5931/Online-Ordering

LG 47WS50MS-B

http://global.networldalliance.com/new/images/products/6431.png

6431/LG-47WS50MS-B

ReadyHire- a full-service recruitment approach for restaurants

http://global.networldalliance.com/new/images/products/6351.png

6351/ReadyHire-a-full-service-recruitment-approach-for-restaurants

Integrated CRM

http://global.networldalliance.com/new/images/products/7071.png

7071/Integrated-CRM

Free Menu Board Media Player Promotion

http://global.networldalliance.com/new/images/products/6675.png

6675/Free-Menu-Board-Media-Player-Promotion

PCI Compliance & Network Security

Latest posts by Brad Cyprus
Brad Cyprus
Bradley K. Cyprus has more than 20 years experience in the security industry. He manages the development of in-house solutions to validate compliance, and he is a resource that Vendor Safe customers can rely upon to help interpret the PCI standard.
Fast Casual Executive Summit
Request Information From Suppliers
Save time looking for suppliers. Complete this form to submit a Request for Information to our entire network of partners.