The data breach at Target should make you nervous. The reason is not because of the personal data that may have been stolen, but the way hackers infiltrated Target’s systems. Published reports state it is likely that the breach went through a refrigeration and HVAC contractor in Pittsburgh that had connected to Target’s systems to enable system maintenance, electronic contract submission, contract management, and billing. Who would have thought that HVAC contractors could face potential liability for the breach of 40 million consumers’ credit card information?
It would be easy to believe that people who rob with a mouse and a keyboard only target large corporations, because those businesses have the most money. Based on the recent news it should change your belief that cyber criminals will not target you. These criminal syndicates are targeting small businesses precisely because they have allowed themselves to become easy targets and allow access to other larger targets.
Experts in the field estimate that one in five small businesses do not use antivirus software, 60 percent do not encrypt data on their wireless networks, and two-thirds lack a data security plan. This failure to take precautions makes a small business easy pickings for computer hackers. However, there are several things you can do to protect your business.
Here are six ways your restaurant can prevent cyber crime:
- Inoculate your systems against the Clampi Trojan virus. This virus resides on a computer, waiting for the user to log onto financial websites. It captures login and password information, relays it to servers run by the criminals, instructs the computer to send money to accounts that they control, or steals credit card information and uses it to make unauthorized purchases. The trojan monitors more than 4,500 websites.
- Be on guard against “phishing” e-mails and pop-up messages. These messages purport to be from legitimate businesses with which the recipient does business. They ask the user to update or verify information, often threatening negative consequences if you fail to do so. Clicking on the links in the messages brings the user to an authentic looking Web site. However, it is actually bogus; the site collects personal information that the collector can use to steal the user’s identity. System users should ignore these messages.
- Arrange for your financial institutions to alert you should they spot unusual activity involving your businesses accounts.
- Install firewalls and encryption technology to block uninvited visitors from uploading to or retrieving data from your businesses servers and to protect data sent on public networks. Intrusion detection systems can inform you of attempts to hack into the network.
- Be cautious about opening attachments to emails, especially if the sender is someone unfamiliar to you. Attachments may contain viruses or Trojan horses that can steal login information and passwords or corrupt a system.
- Protect against intrusion by disgruntled former or current employees. Deactivate passwords for former employees, erect barriers to keep employees from accessing systems unrelated to their jobs, and implement sound accounting procedures for financial transactions.
In addition to the above six ways your restaurant can prevent cyber crime, your restaurant insurance program should include cyber liability insurance and employee theft insurance. These policies will protect your business against those losses that occur.