Security Tips and Housekeeping for Restaurant Employers and Workers

The hospitality industry is more digitized and automated than ever before. And that’s a great thing — because the right solutions can save crazy amounts of time, cut costs, and generally make everyone’s life a whole lot easier.

But with new technology comes new best practices, especially when it comes to cybersecurity.

Kickfin, like many other software companies, keeps this top of mind. Our product team has built a platform that takes security insanely seriously — in fact, it’s our number-one priority.

And on the Customer Success side, we do everything in our power to ensure Kickfin users are trained to recognize and avoid any potential risks before they ever log in to the platform.

Of course, some of those things are easy to forget even for the most tech-savvy customer — especially when you’re short-staffed and over-booked. But to make things more challenging: best practices are always evolving.

That’s why, periodically, we recommend customers assess the overall strength of their cybersecurity to help prevent any unwanted threats to their businesses. Below is a rundown of the most important and effective ways that Kickfin users can protect themselves and their companies from cybersecurity threats.

(Keep in mind: these are coming from your friends at Kickfin, but most apply to any software solution or platform that’s linked to personal, financial or otherwise sensitive information.)

Why should I care about cybersecurity?

According to a report by Cisco Systems, phishing accounted for the second most common threat against business. It’s “popular due to its simplicity and effectiveness…, accounting for 90% of data breaches.”

Typically, with phishing, a perpetrator will:

Target your end users, bypassing any system-based protections you have in place.
Contact your users via email, though some phishing attacks also occur by phone.
Try to get access to your system by getting your end users to provide a password or to click on a link that will install malicious software on your computer systems.

Phishing scams can generally happen to anyone or on any software platform, regardless of how airtight the security mechanisms are. In many ways, it’s like a thief gaining access to a safe. They’re not breaking into it; they’re tricking the owner into opening it for them.

The Tech Support Phishing scam is on the rise – and one that we think you are most likely to see in the hospitality industry. As recently as October 2022, the FBI issued a warning to business regarding scammers targeting financial accounts by claiming to be customer or tech support representatives from tech companies. One key method they employ is the installation of remote desktop software on the victims’s computer in order to gain control of the computer and, ultimately, of the financial accounts. In 2021, there was $347 million in losses due to tech support scams, impacting almost 24,000 victims.

Fortunately, there are several things you can do to ensure this doesn’t happen.

How to protect your restaurant from cybersecurity threats

At the end of the day, you really can’t control whether you’re the target of a phishing scam — but you can control how you react and whether they’re successful. As always, knowledge is power.

Here’s how to ensure phishers aren’t given the “keys to your safe,” so to speak.

1. Use the principle of least leverage

Only give users the absolute minimal access they need to do their jobs. Again, that goes for any software you’re using, but within Kickfin, there are four user roles with varying privileges:

Org Admin: Has access to all locations in the organization; can add/edit/delete users and make payments at any of the locations. We recommend that the number of org admins be kept to the bare minimum of who needs access.
Site Admin: Has access only to those worksites to which they are assigned; can add/edit/delete users and make payments at those locations. We recommend that the number of site admins be kept to the bare minimum of who needs access.
Manager: Has access only to those worksites to which they are assigned; can only make payments at those locations; cannot add/edit/delete users.
Employees: can only receive payments from those worksites to which they are assigned. They have no access to the administrative areas of Kickfin. Most of your staff should be in the Employee role.

Again (just for the folks in the back!): the majority of your staff should not have Org Admin, Site Admin, or Manager privileges.

2. Educate your staff on proper password management.

Many people are well aware of proper password management, but it’s easy for anyone to get complacent, especially if you’ve never before been the target of a phishing scam. Top things to know about password security:

Kickfin will never call you and ask for your password. Legitimate service providers will not ask you for your password to assist you with their system. This is a common tactic of phishing scam artists in order to gain access to your accounts.
Do not share your password with anyone. (Ever.) Managers should not share their passwords with others in the organization, and we do not recommend using a generic login (such as generalmanager@restaurant.com).
Passwords should be unique to the individual. Make it something you can remember, but that is not easy to guess. They should not include any commonly used catch-phrases or mottos belonging to your organization.
Passwords should contain multiple character types. Consider using numbers and symbols to replace letters in a word, for example D3liciou$Eats!
Use a passphrase instead of a password. A long phrase (the longer the better!) is much more difficult to crack, such as !tal!an Food !$ my Favor!t3
Do not use the same password for multiple systems. If your password is compromised, you can limit the harm caused by only using it for one system.
Do not make your password accessible. For example: do not write the password on a post-it note stuck to the monitor or under the keyboard or mousepad.
Consider a password generator. Your team may want to consider using automatic password generators that are available through most operating systems, or using a password manager that will generate a site-specific password that is randomly generated and virtually impossible to guess.

3. Clean up your user list.

Remove any employees (particularly Admins and Managers) who are no longer with your organization. Make sure everyone has the right role for their job (see #1 above!).

4. Take extra steps to protect shared computers.

If your team members are using a shared computer, encourage your users to log out of important systems and applications each time they step away from the computer to avoid someone using their account session for illicit purposes.

5. Educate your staff on how to avoid phishing scams and social engineering hacks.

Provide them with training on common phishing and social engineering techniques, how to avoid them, and how to respond to them.

6. Develop a cybersecurity action plan.

Know who to contact in the event of a breach and how best to protect your business. Make sure all managers know your company’s protocol for reporting an incident should one occur.

What to do if you’re the victim of a phishing scam

Chances are, you’re already doing a lot of things right.

If you, an employee or your business becomes a victim of a phishing scam, please do the following:

If it involves your Kickfin account, notify our support team immediately. We can help minimize the loss and help you recover your account.
Report the incident to your local law enforcement agency, the FBI’s Internet Crime Complaint Center at www.ic3.gov, and FTC’s Report Fraud site at www.reportfraud.ftc.gov
Make sure all passwords are updated with new passwords that include letters, numbers and symbols.
Scan your computer to make sure any malicious or unknown software has been removed.

And as always, we’re here to help. If you’d like a security review of your account, please contact us at support@kickfin.com. We’ll work with you to ensure that all your users are in the appropriate role for their needed level of access.

You might also be interested in

Product and Company News

Kickfin Ranked 65th Fastest Growing Company on the 2024 Deloitte Technology Fast 500

We’re thrilled to announce that Kickfin made the Deloitte Technology Fast 500™ list, a ranking of the 500 fastest-growing technology, media, telecommunications, life sciences, fintech, and energy tech companies in North America.

How Kickfin stacks up

Overall, 2024 Technology Fast 500 companies achieved revenue growth ranging from 201% to 153,625% over the three-year time frame, with an average growth rate of 1,981% and median growth rate of 460%.

Our 2,144% revenue growth earned us the 65th spot on Deloitte’s list. It’s another exciting milestone for Kickfin — but more importantly, it’s a meaningful validation of our mission to take the clunk out of tip management, so payouts are faster, smarter and safer for every restaurant team we serve.

Based on Deloitte’s ranking, Kickfin is:

The highest-ranked restaurant tech company on the list
The *only* tip management company on the list
Austin’s fastest-growing tech company

Growth driven by product innovation, demand for automation

Kickfin was the first digital end-to-end tip management solution on the market — and with more than $2 billion payouts to more than 250,000 restaurant employees, we continue to be the largest and top-ranked.

Why?

It comes down to working the way our customers work — and not the other way around. Not only do we automate the tip pooling and payout process for thousands of restaurants and bars; no two tip policies are alike, so we’ve built a solution that gives them the flexibility and customization they require.

With more than $2 billion payouts to more than 250,000 restaurant employees, Kickfin continues to be the largest and top-ranked tip management software on the market.

That’s a big reason we’ve focused on building direct, robust integrations with the leading POS systems on the market. So far, we’ve rolled out integrations with Toast, SkyTab, Oracle, PAR, Heartland and Square — and the list continues to grow.

“In recent years, digital tip management has become table stakes,” said Justin Roberts, Kickfin’s co-founder and co-CEO.

“Operators now understand the significant efficiencies to be gained by eliminating manual tip-out processes. It’s no longer a question of ‘if,’ but ‘how.’ As a direct result of our commitment to innovation and customer success, we’re thrilled to see more and more restaurants select Kickfin to modernize their tip management.”

A big thank-you to our customers who trust us with their payouts, to our partners who support, collaborate (and integrate!) with us, and of course, every member of the Kickfin team.

About the Deloitte 500

Now in its 30th year, the Deloitte Technology Fast 500 provides a ranking of the fastest-growing

technology, media, telecommunications, life sciences, fintech, and energy tech companies — both public and private — in North America. Technology Fast 500 award winners are selected based on percentage fiscal year revenue growth from 2020 to 2023.

In order to be eligible for Technology Fast 500 recognition, companies must own proprietary intellectual property or technology that is sold to customers in products that contribute to a majority of the company’s operating revenues. Companies must have base-year operating revenues of at least US$50,000, and current-year operating revenues of at least US$5 million.

Additionally, companies must be in business for a minimum of four years and be headquartered within North America.

Ready to take the next step?

See how brands like Walk-On’s, Marco’s, Bar Louie and more are automating tip pooling and payouts with Kickfin. Schedule your 10-minute demo today!

Industry Trends

How the 2024 Presidential Election Could Affect Taxes for Tipped Employees

It’s an election year, in case you haven’t heard! 😉 This one has major implications for tipped employees — specifically, when it comes to taxes.

It’s no secret that our Democratic and Republican candidates are running on very different platforms. But when it comes to tip regulations, Vice President Kamala Harris and Former President Donald Trump actually both support reducing taxes on tips.

A little context on taxes and tips

We’re just going to state the obvious: For the average American, tax reporting can be pretty, pretty confusing. For the millions of employees working in tipped occupations — well, that creates another layer of uncertainties.

(Do I have to report my tips? Do have to report my cash tips? Will anyone know if I don’t report my tips? What happens if I don’t accurately or fully report what I earned?)

Historically, there’s been a trend of hospitality employees underreporting cash tips to prevent higher tax burdens. And while this may reduce what employees owe Uncle Sam in the moment, there can be downsides: e.g., if they find themselves eligible for unemployment, if they’re trying to qualify for an auto loan or mortgage, etc.

However, that urge to underreport could be relieved in the near future, given the tax code changes both of our presidential candidates have proposed. The TL;DR: Both Trump and Harris have voiced their intention to relieve some of the burden on tipped workers in restaurants, bars, hotels, and other service positions.

Here’s a quick summary of each candidate’s plan, as well as some potential impacts for restaurant employees.

Trump’s plan for tipped employees

Trump shared his plan to reduce tipped income tax burden at a rally in Las Vegas — fitting for a city that’s built on the gig economy. Nevada is home to the highest concentration of tipped employees who work in the many hotels, casinos, and restaurants that millions of tourists flock to annually.

During the rally, the former president announced that he would make tipped income exempt from federal income tax, stating it would happen “right away” when he takes office.

Since speaking at the rally, Trump has not yet clarified what this would mean for tipped employees. Many servers want to know if this is an exemption just on federal income tax or if the proposal includes payroll taxes (social security and Medicare).

Harris’s tip tax proposal

Harris also took the opportunity to speak on her tipped income policy while visiting Nevada. Much like Trump, she knew she’d have a captive audience when it comes to tipped earnings.

Her proposal promises to exempt tipped income from the federal income tax, but she has made clear that tips will still be subject to payroll taxes. While not yet confirmed, campaign insiders say Harris is considering placing some guardrails on her plan — like a caveat that the tax exemption only applies to employees earning less than $75,000 per year.

Is one plan better than the other?

In short: probably not. (Most service and hospitality workers do not earn above the $75,000 threshold that’s been suggested by the Harris campaign.) So either way, servers, bartenders, and hospitality staff can expect to see a lower tax burden during the next administration.

But what does that look like in practice?

Most tipped employees aren’t receiving their tips on payroll — they’re walking out of every shift with their earnings for the night, deduction-free. Instead, the taxes are paid on payroll out of their hourly earnings, which is why many servers get $0 paychecks every two weeks. With a reduced tax burden, most servers will see the difference in higher paychecks.

On the other hand, economists are wary of the impact of eliminating taxes on tips, citing the reduced funding for social security and Medicare. And with so much negative sentiment around “tipflation” these days, experts also speculate that a reduced tax burden may result in even more hesitance at the tip screen.

Increasing minimum wage

We’re closely following campaign promises about an increase to the minimum wage — especially in regards to the tipped minimum wage and the tip credit.

Minimum wage earners have been eyeing an increase, noting that the federal minimum wage of $7.25 per hour hasn’t increased since 2009, and servers, bartenders, and other tipped employees have been earning $2.13 per hour for over 30 years. An increased minimum wage paired with the reduced tax burden could make a major difference for service workers trying to keep up with the rising cost of living.

In the Harris camp, removing tax on tips is just part of the plan to take some pressure off service workers. While Harris hasn’t shared a detailed plan for bumping up the minimum wage, she has indicated that she would support an increase.

In previous election cycles, Trump stated that he would consider a minimum wage increase, but he has not shared his opinion on the matter during the 2024 presidential campaign.

Of course, we’re a ways out from any real policy changes actually shape — but if you’re looking to make your tip management process less taxing in the interim (see what we did there?), Kickfin is here for you! Check out how you can use Kickfin to auto-calculate tip pools and send payouts directly to employees’ bank accounts in seconds.

Restaurant Management

Top 4 Ways to Protect Your Restaurant from Cash Shrinkage

No matter what industry you work in, there’s always a risk for shrinkage and theft. Ninety-five percent of all businesses experience theft in the workplace, and up to 75% of employees have admitted to stealing from their employer.

Most of the time, it’s not intentional or malicious. For restaurants, it could be something as innocent as giving your friends a free drink or asking the kitchen for food and neglecting to ring it in.

But when you have a lot of employees handling cash day in and day out, it can be very tempting for someone to take advantage of systems and pocket extra money at your expense. To make matters worse: because cash is hard to track, it can be tricky for operators to put their finger on exactly what’s happening — at least, before it starts to impact your bottom line.

While cash shrinkage can jeopardize your business, operators do have the power to protect their restaurants. Ultimately, it comes down to having the right processes, systems and partners in place.

Here are 4 things you can start doing today to protect your restaurant from cash shrinkage.

1. Create a culture of trust with employees

Most people want to come to work, do their best, and make an honest living. Creating an environment where your employees trust you with their earnings should encourage them to also be responsible with company assets, including cash.

Of course, it starts with doing your due diligence when building out your team. That means interviewing new hires in person, asking the right questions, and always checking references.

But the fact of the matter is that even good people can make poor decisions, especially when they’re struggling. As an employer, there are things you can do to keep your staff from ever getting to a place where they feel the urge or need to steal. That includes:

Paying a fair and competitive wage
Paying wages on time, in full
Giving people instant access to their earnings
Offering employee benefits and perks if possible
Adhering to federal, state and local labor/wage regulations, especially as they relate to tips

Bottom line: If you show that employees you take their financial well being seriously, it can foster an environment of mutual respect, making employees less likely to consider theft as a reasonable (or justifiable) option.

2. Minimize cash touchpoints

It’s simple. Less cash on hand = less opportunity for cash shrinkage.

In the unfortunate case that a high-ranking employee is stealing from your restaurant, cash tip outs make it much more difficult to catch and trace. Anyone with access to cash registers and safes has the opportunity to take a few extra bills — and you may not notice until well after the cash is pocketed and spent.

Instead of locking up cash and making only a few employees responsible for the massive task of paying out tips, take advantage of new technology that eliminates cash from the tip out process. Fewer people will need to manage cash, which adds one extra layer of security against theft.

Bonus: cashless tipping vendors like Kickfin give your employees more flexibility with their earnings. They can opt for tips to be sent directly to their bank or to have them put on their payroll check, empowering employees to make their own financial decisions.

3. Create a digital paper trail

The trouble with cash is the inability to track it. Half the battle is realizing that the cash is missing; and once you know it’s gone — well, now what?

Digital gratuity management software makes it easy for restaurant operators to create a digital paper trail for all tip payouts. You’ll be able to identify any improper payments, who they went to, and who authorized the payout — removing a major security soft spot.

Not only will you feel more secure, but your loyal employees will thank you for making tip outs much easier.

4. Select a secure tip management partner

Removing cash-on-hand is a great first step, and it should make any potential theft traceable back to the person responsible. But wouldn’t you rather prevent theft before it happens?

If you’re ready to bring your gratuity management into the future, make sure to thoroughly vet your options — because not every digital tip out software has strong protections against theft.

That’s why Kickfin has optional guardrails that can mitigate your risk of employee theft.

Maximum tip amounts: Limit the amount that can be issued in any individual payout.

Role policies: Create policies to limit who can receive payments by role type, and limit who can send payments to themselves.

Multi-factor authentication: Set your own rules to require MFA at any point, whether at every login or once a month.

Payment interval approval: Trigger a requirement for second approval for an employee’s first payment or their first payment in a determined number of days.

Payment velocity approval: Trigger a requirement for second approval when an employee receives a determined number of payments within a certain interval.

For our POS integration partners, Kickfin can also put guardrails around your tip calculation policies to prevent fraud. While we offer the ability to send payments through manual entry, spreadsheet upload, or using our tip calculation software, integration users can disallow manual and upload payments to prevent any ad hoc payouts.

Integration users can also lock in their tip calculation rules, so that only certain users can make changes to the calculation policy.

How Kickfin helps in the event of fraud

Even without the temptation of cash in the safe, where there’s a will, there’s a way.

If you find yourself in a regrettable situation with an employee, your tip management partner should be there to back you up. Thankfully, our platform tracks each payout which will help you identify irregularities and the source of the problem.

The Kickfin team will always be there to support our partners who experience security breaches.

Check your Kickfin security settings

Do you want to make sure you have the most up-to-date protections on your Kickfin account? We’ve got you covered. Reach out to your Kickfin customer support team to ask about a free security audit, where we’ll go over your current settings and offer guidance on how to minimize your risk.

Not yet a Kickfin user? Find out more about our platform and security settings with a demo today.

Restaurant Management

4 Ways to Save on Restaurant Labor Costs with Kickfin

In the restaurant industry, profit margins have always been tight — and these days, they’re only getting tighter.

Running a restaurant is a labor intensive business. You need a strong back of house team to push out food, front of house workers to greet and care for guests, and managers to keep everyone in check. Naturally, labor is one of the most significant expenses for restaurant operators. In order to keep costs reasonable for customers, even a slight overage on labor can break your budget — but thankfully there are levers you can pull to reduce labor costs.

If you want to secure your business’s financial future, you’re going to need to streamline scheduling practices and keep a close eye on labor costs… without frustrating employees who want more shifts.

Don’t worry: you can turn to traditional wisdom, sales forecasting, and emerging restaurant technology to make sure that you stay on budget.

Here are a few ways you can save on labor costs at your restaurant:

1. Rethink the schedule

Obviously, the most straight-forward way to cut labor costs is to reduce the number of people you schedule on a given night.

We get it — you don’t want to see hour-long ticket times and poor guest experiences. But you might not need as many folks on the line or servers on the floor as you think — at least, not all the time.

Staffing and scheduling isn’t a perfect science, but there are some tactics operators should test if they’d like to “right size” every shift — including:

Analyze your daily schedule. Don’t make assumptions about your peak times and slow periods. Analyze sales trends and let the data be your guide.
Anticipate seasonal trends. If you’re in a college town, don’t wait until your servers are twiddling their thumbs in July to implement a new summer schedule.
Let your seasoned staff shine. Your veteran employees likely thrive on those super busy nights when they’re running on pure adrenaline (and earning way more in tips). Consider giving more experienced workers more responsibility — assuming they’re willing and able — and you might be able to get away with fewer people on a shift here and there.

>> Learn about scheduling software that helps you manage labor and engage with employees

2. Assess and address productivity

Are you making the most of the team that you already have? There are a few ways you can identify your highest-producing employees and make the most of their success:

Evaluate employee performance. Most employees want to be successful; observe your team and analyzes things like sales per labor hour, table turnover rate, and tip volume to get a sense of your strongest players and those who could use more training (and bonus: this can reduce turnover and boost team morale)

Provide incentives. Create a fun bonus system that rewards strong performance and high levels of productivity. You can use data from the previous data point to set goals.
Cross-train employees. Training your staff to handle multiple roles – or hiring folks with vast service experience – offers flexibility for scheduling and can reduce your need for additional hires.

3. Don’t pay employees to wait for their tips

No, we’re not saying to cut all of your servers early (no matter how much they ask).

But, you can send your servers on their way much quicker when they don’t have to wait around for managers to count out cash tips. Once they’ve finished their sidework, servers can clock out and see their digital tips sent directly to their bank account, instead of hanging around on the clock waiting for the shift manager to do their check outs.

4. Prevent labor overages before they happen

Most restaurants simply can’t afford to pay overtime for staff. But sometimes your full-time staff creep toward 40 hours of work without anyone noticing…and suddenly you’re paying 1.5x what you expected for a single worker.

This, too, goes back to proper scheduling policies. Give yourself a bit of wiggle room for the employee who clocks in 10 minutes early or often takes a long time on sidework by never scheduling anyone for more than 38 hours each week.

5. Pay close attention to clock-outs

People make mistakes, and tired servers often leave their long double shift without clocking out for the night. Usually, they’ll realize their mistake and call the store to have someone clock them out (still adding extra time to their shift).

But sometimes, the clock keeps running all night, and no one notices until it’s time to process payroll. Two weeks later, your admin team is spending way too much time correcting clock-outs so that you don’t end up paying for 8 extra hours of work.

Try using technology that puts guardrails in place to prevent any clock-out mistakes before they happen. Kickfin doesn’t allow you to process and pay out tips until an employee is clocked out, so managers can make sure everyone is clocked out at the proper time.

(We also have some other exciting new features that can make your life easier!)

Not only can Kickfin help you reduce labor costs, but we’re ready to simplify your entire tip management process. Reach out to us to learn more about our instant tip calculations, integrations, and smarter tipping solutions.