Here are recommended high-level security best practices to help safeguard your EatApp account and guest data. These follow standard SaaS security guidelines and are easy to implement within restaurant operations.
1. Account Security & Access Control
• Enable Two-Factor Authentication (2FA) on all EatApp user accounts.
• Use strong, unique passwords for all staff logins.
• Reset all EatApp passwords after any suspicious activity.
• Remove or deactivate old or unused staff accounts.
• Ensure each staff member has an individual login—avoid shared accounts.
2. Internal Credential Management
• Never reuse passwords across email, POS, EatApp, or other systems.
• Store passwords in a secure password manager (e.g., 1Password, LastPass).
• Avoid sharing passwords through email, WhatsApp, or SMS.
• Immediately change passwords when an employee leaves or changes roles.
3. Email Security
• Enable 2FA on your email provider (Gmail, Outlook, etc.).
• Review access to shared inboxes such as accounts@… regularly.
• Train staff to identify phishing attempts and avoid clicking unknown links.
• Do not forward suspicious messages without IT or management review.
4. Device & Network Hygiene
• Keep devices updated with the latest software and security patches.
• Use antivirus or malware protection on devices accessing EatApp.
• Require screen lock passwords on all staff devices.
• Avoid logging in to EatApp from public or unsecured Wi-Fi networks.
5. User Activity Monitoring
• Periodically review user activity logs and active sessions.
• Regularly audit the list of users with access to EatApp modules.
• Immediately report any unusual login patterns or unknown devices.
6. Internal Security Processes
• Designate an internal security point-of-contact (manager or IT staff).
• Maintain a simple internal escalation checklist for suspicious activity.
• Document all staff who have access to CRM or Marketing tools.
• Conduct quarterly access reviews across all systems.
7. Marketing/CRM Permissions
• Limit CRM and marketing access to authorized staff only.
• Review saved templates and marketing permissions regularly.
• Remove “send” permissions for users who do not require them.
8. Incident Preparedness
• Maintain updated contact information for EatApp support and IT providers.
• Ensure team members know how to quickly disable a compromised user.
• Perform a credential hygiene review every 90 days.
If you have any questions or require support implementing these recommendations, the EatApp team is here to assist.