If you are using an on-site computerized point of sale, inventory management, accounting system or similar computerized record keeping system it extremely-important to safeguard your data in case of a disaster (fire, flood, tornado, etc.)
- Backup Data Daily: Perform daily backup of important computer data at the end of each day as part of your close-out/end-of-day process.
- Rotate Backups: Do not perform today’s backup on the same medium that you used for yesterday’s backup; rotate your backups (Minimum of three iterations are recommended – Example: Backup performed on March 8th should be used again for backup on March 11th.)
- Disaster Planning (Daily Backups): Do not keep all physical backups in the same geographic location. Carry tonight’s backup home with you; remove the previous night’s backup from the desk drawer or file cabinet at your home and put it in your briefcase/purse/pocket for carrying back to the store in the morning. Place the most recent backup that you brought home with you today in the desk drawer or file cabinet where you had the previous night’s backup stored. When you arrive at the store, remove the medium that you brought from home (in your briefcase/purse/pocket) and put it in the same place that you store your other on-site backup. When you perform tonight’s backup use the medium that was already in the storage location where you added the one you brought from home.Three iteration backup example:
Monday Evening – Backup A (then take home after closing)
Tuesday Morning – Bring Backup C back from home
Tuesday Evening – Backup B (then take home after closing)
Wednesday Morning – Bring Backup A back from home
Wednesday Evening – Backup C (then take home after closing)
Thursday Morning – Bring Backup B back from home
Thursday Evening – (Same as Monday evening, continue repeating the cycle)
Q. Where to store my daily backups at my on-site store?
A. Wall or floor safe (if you have one), locked fireproof box (if you have one), locked file cabinet or desk drawer; any secure location that is not easily accessible by employees or customers.
- Disaster Planning (Monthly or Quarterly Backups): Once a month (or quarterly, if you’re comfortable with the extended duration), remove the current daily backup from your scheduled rotation and replace with a new medium, continuing the rotation as normal. Secure the medium removed from the rotation in a safe place such as an off-site fireproof container or safe deposit box.
- Disaster Planning (Programs): Once an important program is installed onto your computer, make a backup copy of the program on CD, DVD or USB drive. Store the original in a safe location (along with registration information and codes, if applicable) other than the geographic location where your business is located; preferrably in a safe deposit box or fireproof container. Retain the copies at your retail location.
It is also extremely important to comply with the PCI (Payment Card Industry) mandates regarding the acquisition, storage and retention of credit card information.
- Do not write down credit card numbers, expiration dates or CVV security codes.
- If you have retained customer’s credit card numbers, expiration dates or CVV security codes, destroy them immediately in a manner whereby they cannot be recompiled (burn, shred or similar manner of destruction).
- Make sure your receipt printer is not printing the full credit card number and/or expiration date on the receipt. If it is, contact your credit card processing vendor or point of sale software provider as soon as possible to rectify the condition.