You know how critical it is to keep your systems secure with secure passwords. But it can get frustrating to have to manage passwords for every little thing—not to mention the random characters, letters and symbols you are encouraged to use. A security breach, however, can result in significant financial losses and irreparable damage to your restaurant’s reputation.
The credit card associations are enforcing stringent data protection compliance requirements on merchants and merchant service providers, as outlined in the Payment Card Industry (PCI) Data Security Standard. In response, many restaurant operators are turning to biometric fingerprint security to secure their data. But there are still places—like your Windows login, for example—where you can’t get around the need for a password.
One major PCI requirement is the use of strong passwords to control access to your point of sale system.
The challenge of the strong password:
The "stronger" the password, the more difficult it is for a malicious user to guess. Hackers are becoming increasingly sophisticated at cracking passwords. That’s why the PCI standard requires passwords to be at least seven characters long, and include both numeric and alphabetic characters.
To create a strong password, follow these guidelines:
- Use both upper- and lower-case letters.
- Place numbers and punctuation marks randomly in your password.
- Make your password long and complex. Between 8 to 20 characters long is recommended.
- Use one or more of these special characters: ! @ # $ % * ( ) - + = , < > : : " ‘
- Make your password easy to type quickly so it’s difficult for someone looking over your shoulder to steal it.
- Create different passwords for each system.
Easy, right? Not.
The answer? Use a secure password manager.
Online password managers encrypt and track all your passwords for multiple sites and systems. This way, you only have to remember one ‘master’ password. A good password manager can auto-generate random and complex passwords, store them in a database, and decode them locally when you need them. Consider password managers such as LastPass or KeePass to secure your passwords.
If your POS system, like SpeedLine, has a password management utility, use it to define strong passwords and schedule password changes.
Too many restaurant companies invest heavily in system upgrades and screening to bring their restaurants into compliance with PCI standards, and then trip themselves up by failing to educate staff about password management. Security is just as much about physical security as it is about system settings—and something as simple as a password scribbled on a Post-It note could be the cause of a breach.
Are your passwords secure?
Posted on Mon, Mar 26, 2012 @ 08:03 AM.
Updated on April 16, 2019 @ 3:19 PM PST.
Posted by Tricia Hoy| Author's website