Security Settings
Protect your restaurant, staff, and customer data. Manage all settings under Owner > Settings > Security (owner or admin role required).
User Access Controls
| Role | POS | Reports | Menu Edit | Staff Mgmt | Settings |
|---|---|---|---|---|---|
| Owner | Full | Full | Full | Full | Full |
| Manager | Full | Full | Full | Full | Limited |
| Shift Lead | Full | View only | Limited | View only | None |
| Server/Cashier | Order entry | None | None | None | None |
| Kitchen | KDS only | None | None | None | None |
Add or edit users under Security > Users. Assign role, locations, and PIN. Set an expiration date for temporary staff.
PIN and Login Settings
| Setting | Default | Range |
|---|---|---|
| PIN length | 4-6 digits | Configurable |
| PIN expiry | 90 days | 30-365 days |
| Failed attempts before lockout | 5 | 3-10 |
| Lockout duration | 15 minutes | 5-60 min |
Password Policies
For web portal and management app access: minimum 12 characters with uppercase, lowercase, number, and symbol. Passwords expire every 90 days and cannot reuse the last 5. MFA (TOTP or SMS) is required for owner and admin roles.
PCI Compliance
Restaurant Revolution is PCI DSS Level 1 certified. Payment data is encrypted end-to-end and never stored on your devices. Role-based access, network segmentation guidance, automated compliance scans, and annual penetration testing maintain compliance. View status under Security > PCI Compliance.
Camera Integration
Connect supported camera systems (Verkada, Rhombus, Avigilon) under Security > Cameras. Map cameras to POS stations and entry points. Void, refund, and cash drawer events are automatically tagged with camera timestamps for event correlation.
Audit Logs
Every significant action is recorded and retained for 2 years:
| Event Type | Examples |
|---|---|
| Authentication | Login, logout, failed attempts, lockouts |
| Transactions | Voids, refunds, discounts, cash drops |
| Configuration | Menu changes, price updates, role changes |
| Data access | Report exports, customer data views |
Filter by date range, user, event type, or location under Security > Audit Logs. Export as CSV for external review.
Related Guides
- Backup & Recovery - Data protection procedures
- Network Infrastructure - Network security and VLANs