How Restaurants Can Take a Proactive Approach to Security

Data breaches are on the rise for all industries, including quick-service restaurants. Companies like Checker’s/Rally’s and Dunkin’ have all recently experienced high-profile breaches, many caused by flaws in POS systems.

Data breaches are a serious danger for both restaurants and consumers, as they damage brand trust. Law-makers have taken notice, implementing several new laws and regulations—like General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) – to hold companies accountable for negligence concerning how consumer data is acquired, used and protected.

As the amount of consumer data quick-serves collect for loyalty programs and general marketing initiatives increases, companies must hold themselves to higher standards or be left behind the pack, with consumers opting for restaurant brands that place more value on data protection than those that fail to keep their information secure.

The marriage of privacy and security

Two sides of the same coin—privacy and security—work hand-in-hand to protect customer data. If a company uses data irresponsibly, it will fail to measure up to privacy standards imposed by legislation and consumer demand. Likewise, if a company doesn’t build its privacy strategy on the foundation of a comprehensive security program, it will fall short of expectations.

The consumer data conundrum

It’s smart for quick-serves to collect only the customer data you need to better serve them with custom content and personalized service, potentially gaining an edge over competitors. With that in mind, with more data comes greater responsibility. The more data you collect, the more information you have to protect, and the more you have to lose if you fail to do so.

Restaurateurs must walk a fine line between collecting data that is useful and deleting data that is no longer needed. It’s also imperative to ensure any data collected is done so in a way that is both in compliance, stored and secured according to industry best practices.

Getting ahead of privacy and security

Restaurants aiming for an ethical approach to data privacy that helps to build and keep consumer trust must prioritize privacy. And if doing good isn’t motivation enough, quick-service restaurants should consider how a proactive approach to privacy can make them stand out from the competition, as well as how a reactive approach to privacy could destroy a brand’s reputation and cost the company millions.

Assess and adjust

Quick-serves that collect data should conduct Privacy Impact Assessments (PIA) to assess risk, ensure compliance, and determine the best course of action to mitigate risk. PIAs can help restaurants to ascertain how vulnerable their customers’ data is and what impact a breach could have. A best practice among privacy experts, PIAs have now been introduced into a legal framework thanks to GDPR.

Bake it in

If your organization treats privacy like a box that must be checked off to ensure compliance, you’re doing it wrong. Instead, aim for privacy by design (or default). Privacy should be baked-in to the very culture of the company. Privacy shouldn’t be an afterthought, but an aforethought. Consider privacy when you make any decision regarding product innovations, marketing or strategic partnerships.

Privacy by design requires regular discussions, ongoing training and looking to your privacy and security leaders for constant guidance. A culture of privacy ensures that every member of the organization takes ownership of protecting customer data, whether that means knowing what a phishing email looks like or understanding the importance of not opening documents from unknown senders on a work device.

Partners in Crime

As a quick-service brand, you may be doing everything in your power to protect the data of your customers, but if you don’t keep good company, all that hard work goes right down the drain. Often, it’s third-party partners like your vendors, suppliers, and consultants that pose the most significant risks. To combat this proactively, make it your business to know where your customers’ data is stored and which partners have access to their information. Do some due diligence before taking on new partners. Ask whether they have a chief information security officer, and what data protection policies and practices they have in place.

An evolution of the data protection landscape and increased oversight into business practices means restaurants need to implement a comprehensive and proactive privacy and security plan that includes performing Privacy Impact Assessments, designing the organization with privacy in mind, and carefully selecting partners, while limiting their access to sensitive customer data.

Jill Knesek is the Chief Security Officer (CSO) for Cheetah Digital, where she is responsible for providing enterprise-wide leadership in developing, planning, coordinating, administering, managing, staffing, and supervising all aspects of information security. She has more than 25 years of experience in cybersecurity, working in both internal and client-facing roles. She served as a Special Agent for the FBI. Prior to joining Cheetah Digital, Jill worked as the CISO for Mattel and BT Global Services.

HME Hospitality and Specialty Communications Releases New Text-to-Speech Feature

HME Hospitality and Specialty Communications announced the release of Text & Connect, a powerful new NEXEO | HDX feature used to send real-time, personalized, text-to-speech alerts to select restaurant teams and stores via the NEXEO headset. Text & Connect revolutionizes store operations by enabling restaurant leaders to build employee engagement, recognize outstanding performance, and deliver consistent […]

MOD Pizza to Begin Using Bikky’s Customer Analytics Solutions

Bikky, a customer data platform built exclusively for multi-unit restaurants, announced a partnership with MOD Pizza, the purpose-led, people-first, fast casual pizza pioneer. By leveraging Bikky’s customer analytics capabilities across its entire portfolio of over 500 locations, MOD is deepening its knowledge of what marketing and menu decisions resonate with customers and as a result, increase […]

ItsaCheckmate Unveils Kiosk Solution

ItsaCheckmate, a leading restaurant ordering solutions provider, unveiled its new Kiosk solution, engineered to enhance the visual and operational standards of kiosks in the restaurant industry. This release marks a significant step forward, addressing common user experience and branding limitations found in other offerings. Many of the market’s existing kiosk solutions force brands to compromise on […]

Sparkfly Forges Partnership with Olo

Sparkfly, an award-winning retail technology solutions company, has forged a strategic partnership with Olo, a leading restaurant technology provider, to create the next-generation intelligent guest engagement ecosystem. With tens of thousands of restaurant locations already supported by Sparkfly and Olo collectively, there are significant expansion opportunities supporting growth and innovation for enterprise restaurant brands. The […]

Steak ‘n Shake Locations Add Biometric Check-in and Checkout

PopID and Steak n Shake announced that all Steak n Shake locations in the United States now accept PopID Check In (to review favorite orders and loyalty points) and PopPay for checkout. With more than 300 locations, Steak n Shake is the first national restaurant brand in the United States to adopt biometric check-in and […]

Wayback Burgers Unveils New Rewards Program

Wayback Burgers, America’s favorite hometown burger joint and one of the nation’s fastest growing burger franchises, unveiled Wayback Rewards, its new and improved rewards program for guests. Highlighted by a new “secret menu” which will put fun, limited time menu items at members’ fingertips, members can access the new Wayback Rewards program wherever they order, whether via the app, online, […]

Black Rock Coffee Bar Implements Revel’s POS Systems

Revel Systems, an open cloud order management platform for restaurant and retail brands, announced that Black Rock Coffee Bar has successfully implemented Revel at more than 130 locations, with plans to rapidly expand nationwide. Preferring a best-of-breed approach to its technology stack, Black Rock took advantage of Revel’s existing integrations with leading solutions for loyalty, […]

You might also like...

Also in Operations

Get daily updates on quick-serve industry news, tips, and events.