Setting up as a franchisee is very exciting: congratulations! You’ll be buying into a business with an established business model—you’ll know it can work. You just need to make it work for you, in your area.
Have you considered cyber security for your franchise?
Typically, in exchange for the initial fee, the company you buy the franchise from will provide a ‘business in a box’. Depending on the business, and on the specific franchise agreement, this could include equipment, stock, operating procedures and training, systems and software.
You will then pay them a percentage of your annual fees, some of which will be pure profit for them. In exchange, they’ll provide some support, and use some of the fees to market the brand, supporting all the franchisees.
In among all the other things you’ll need to think about when buying a franchise (HMRC, VAT, accounting, banking, insurance…) is—of course—cyber security. While it is obvious that you’ll need to protect any physical stock and/or physical location, you should also think about how you’ll protect your digital assets.
Who will be responsible for cyber security?
Unless you’ve agreed otherwise, you will be responsible for securing your business data. This could include information such as financial data, customer data and employee data.
The systems provided to you by the franchisor may be connected to a central system (and maybe to systems provided to other franchisees). You’ll need to protect access to that.
You may be going to use a variety of devices (phones, laptops, point-of-sale devices). All of these will need to be protected. Maybe you plan to set up a local website or social media accounts, so you should think about securing those. Are you going to accept credit cards? You’ll need to think about compliance with PCI DSS, and securing the cardholder data.
Once you have a list of all the digital assets that you will use, you’ll need a plan for how you will manage them. Who will have access to which accounts? When will the accounts be backed up, and the software on the devices updated? Who is responsible for that?
Staff move on, and new staff will join your franchise. New staff will need to be trained in your cyber security procedures, and given access to any systems they will need to use. Any access that former staff had to your systems should be removed.
Does the franchisor insist on compliance with any information security standards?
There’s lots to think about, and to discuss with your franchisor. They have probably included provisions for cyber security in the operational procedures and any training that they provide. If not, then ask them about cyber security. It is in their interest as well as yours to keep sensitive information secure and protect the brand.
Are you the franchisor?
And if you are considering franchising your business, why not give us a call to talk about the cyber security implications?
Contact us on 0113 733 6230 or use our contact form.
