Background
Restaurants are becoming fast adopters of digital tools. At the same time, they are getting breached frequently. More than 70% of consumers cite vendor security as one of their top selection criteria for purchase. An owner of a top 10 quick service restaurant (QSR) franchise in North Carolina decided to minimize his business’s cybersecurity risk and better protect his reputation with customers.
The owner of this QSR chose ResiliEYE because of the platform’s ease of use and ability to comprehensively evaluate cybersecurity risks.
Key observations
As a best practice, the franchisor had provided this restaurant with hardware and enterprise software with good security. However, 50% of the network-connecting devices, including some of the IoT devices, had known security vulnerabilities. The POS terminals connected to the main server were running on an operating system that was no longer supported by Microsoft. A mobile food ordering company had provided terminals that also connected to the network and were vulnerable to cyber-attacks.
Further, the restaurant had not established a strong culture of security. Employees were able to connect their personal devices to the same network that connected the POS system and the main server. Hence, a personal device under attack could risk some of the critical store assets and customer data. Every employee also had admin access to the server. The passwords to the systems were openly shared and employees stored them in their mobile devices and personal emails.
This restaurant was highly vulnerable to a cyber breach. An incident in a restaurant like this (annual revenue of $310,000) would cost around $350,000 to resolve in addition to damaging its reputation. With use of ResiliEYE, the owner is now managing cybersecurity in his business proactively and comprehensively.
To learn more about the ResiliEYE platform by ResiliAnt, please reach us at info@ResiliAnt.co.