The Florida Restaurant and Lodging Show in Orlando, Florida, was full of great information and new ideas this year. Walking the floor, we were able to catch glimpses of what is hot in the industry – and specialty coffees, smoothies, frozen yogurt and ice cream took the cake for representation. After sampling some delicious rocky road and grabbing a strong cup of joe, we headed to an educational session by Rich Peterson, President of Abacus Business Solutions, an Aloha Solution reseller. The session, titled PCI Compliance Done Right – Stop Risking Your Business, highlighted 12 things you can do to protect yourself from an expensive, reputation-destroying data breach.
- Install & maintain a firewall configuration to protect data – Firewalls control what comes into your computer, what goes around inside your computer, and which websites can and can’t be visited.
- Do not use vendor-supplied defaults for your system passwords – 123456, password, letmein, 11111… Do any of those sound familiar? If you can guess it, so can anyone else.
- Protect stored cardholder data.
- Encrypt transmissions of cardholder data across open, public networks.
- Use and update anti-virus software – You can purchase a subscription that will allow you to update your software each time a new edition comes out.
- Develop and maintain secure systems and applications.
- Restrict access to cardholder data on a need-to-know basis – Does your assistant manager have more clearance than he or she actually needs?
- Assign a unique user ID and password to each person with computer access.
- Restrict physical access to cardholder data – In other words, make sure to lock the door!
- Track and monitor all access to network resources and cardholder data.
- Regularly test security systems and processes.
- Maintain a policy that addresses information security for employees and contractors and have a plan in place to respond if a breach does occur.
Many of Rich’s points are things that can easily be done today to help protect your business against a data security catastrophe, but the #1 thing we took away from his session wasn’t even one of the points – it was a statistic that the #1 way breaches occur is through insecure remote access software. If you have insecure remote access software on a computer that has access to your POS solution, you’re putting your business at risk.
Instead of generic remote access software, Rich recommended that operators look at the Aloha Command Center solution, which allows access to real-time reports and alerts without compromising the system. Advanced security features allow remote access to sites for problem resolution while protecting systems and guest data. When the reality is that a data breach can cost up to $100,000 and cause irreparable reputation damage, remote access software isn’t something to play around with.