Every year businesses lose millions of dollars as a result of data breaches and theft, and that number continues to grow at an alarming rate. Between January and September of 2015, more than 140 million records were compromised, compared to 85 million in all of 2014. In the past five years the number of incidents has increased by nearly 500 percent.
In the restaurant industry, the average cost to of each stolen record to a business is estimated to be between $129 and $165. With data breaches on the rise, protecting against cyber threats has become a necessary and continuous business practice on par with physical security and fraud prevention. Businesses that hope for the best and look the other way are only setting themselves up for potentially catastrophic losses.
Preparing for the inevitable
While some have chosen to place the responsibility of security and regulatory compliance on in-house IT departments, it simply isn’t a practical solution for larger quick-service chains. Corporate IT departments are typically leveraged at or beyond their capacity dealing with the daily needs of employees and equipment.
Often, the better solution is to look outside of the company for help. Managed security services firms bring the focus and seasoned expertise needed to stay ahead of ever changing Internet threats. This is especially true since larger organizations have more to manage within their networks.
As the CFO of a 30-year-old, award winning pizza chain says, “Let the experts be experts. That’s why we hire professionals to prepare our taxes. I don’t want to incur the costs of keeping a tax expert on staff. We took the same approach with our security and PCI compliance. We would rather align with the experts, knowing that they are going to give us the most accurate and up-to-speed counsel and recommendations for our operational needs.”
Outsourcing security saves money and time by reducing the need for additional employees, software, and equipment, as well as lowering the costs associated with training and credentialing. Existing IT staff can focus on more critical operational needs and the daily requirements of the business.
For businesses with on-staff security personnel, those resources can focus on more critical projects while at the same time reducing the workload of what’s likely to be an under-resourced team. Managed security also reduces the risk of harm to a company’s brand or reputation and reduces operational costs. It can even improve the in-store experience for customers by offering a host of value-added options such as built-in secure Wi-Fi access and other services.
Choosing a managed security services partner
The same national pizza chain previously handled all data security through its merchant services provider and point-of-sale (POS) vendors but the director of IT realized more security was needed to protect the business and their customers.
“In order to improve the consistency of our security throughout the store network, we needed a partner with a national presence in terms of security technology capabilities, service, and support that could literally act as an extension of our staff,” the IT director says.
In looking for the right partner, quick serves should consider many factors. Below are the most important:
Expertise: Identify areas of expertise such as network security, PCI DSS, and others that are pertinent to your business and choose a partner with a strong track record in each. It's also important to look for a provider whose services are PCI Level 1 certified—not just compliant.
Support: While some nondomestic outsourced help desk and support services are very good at what they do, they aren’t ideal for security personnel. A partner that can provide local support is a must.
Broad Experience: Look for a provider that offers experience in both network management and security. Setting up the network is an integral part of ensuring security technologies and protocols meet the highest possible standards.
Assistance with Regulatory Compliance Audit: A partner that can assist with regulatory compliance audits and questionnaires will save time, significantly reduce risk, and lower operating costs.
Strong data security not only protects against malicious attacks, it allows businesses to focus on the day-to-day operations while ensuring vigilance with protecting sensitive information. Choosing the right managed security services provider will make a significant impact on the IT, security, operational, financial, and risk areas of any business.