Friday night at a busy restaurant. A customer at table 12 can’t post a photo of her cocktail; at the same moment, the bartender can’t get the credit card terminal to connect. They’re fighting the same problem from opposite sides of the counter — and it’s the same problem most restaurants, bars, and high-traffic retail businesses in town quietly have.
Their WiFi was never designed. It was hoped for.
How most places end up here
It usually goes like this. There’s one router. The router has WiFi built in. The owner gave the password to the staff a couple of years ago when they opened. Staff gave it to a few customers who asked. Customers gave it to friends. And now everybody has it — the regulars, their kids, the contractor who came to fix the freezer last summer, every Yelper who stayed for four hours.
The point of sale terminal is on that same network. So is the kitchen display screen. So are the cameras out back. So is the manager’s laptop with QuickBooks open on it. All sharing the same plumbing.
On a slow Tuesday afternoon, that’s fine. Everything works. The problem starts when you get busy.
The two real problems with one network
The first problem is bandwidth. On a Friday night with eighty customer phones connected and half of them streaming, your point of sale is fighting for the same internet connection as forty people watching TikTok. So when the bartender runs a card and it takes twelve seconds instead of two, that’s why. When the kitchen display freezes during the dinner rush, that’s why. The bandwidth problem is annoying but visible.
The second problem is worse and harder to see. It’s a security problem.
When everything is on one network, a customer phone — maybe a customer who didn’t mean any harm, maybe their phone is just compromised from a sketchy app installed last week — sits one Wi-Fi password away from your point of sale and your back-office computer. Your point of sale and your customer phones share the same broadcast space, which means there are a lot of cheap, freely-available tools that can snoop on traffic between them.
The credit card industry has rules about this. They call them PCI rules — short for Payment Card Industry Data Security Standard. You don’t need to memorize that. The short version: if you take credit cards, mixing customer devices with your point of sale puts you on the wrong side of those rules. That’s a problem you don’t want to find out about during an audit, or worse, after a breach where the bank pulls your processing privileges.
What the right setup looks like
Two networks, running through the same access points (the WiFi devices in your ceiling). Same building. Same WiFi signal you see when you scan. Completely separate plumbing underneath.
The first network is your **business network**. Point of sale. Kitchen displays. Cameras. The manager’s laptop. Back-office computers. Locked down. Strong password. Only your stuff connects.
The second network is your **guest network**. That’s what customers see when they pull out their phones. It can be open, or it can have a simple password posted on a card on the table. When customers connect, they should hit a captive portal — that splash page you’ve seen at airports and hotels with a business name and a “click to agree to the terms” button.
That splash page does three useful things. It puts your brand in front of every customer who connects. It gives you legal terms of use that protect you. And it lets you cap how long any single device can hog bandwidth, so one person streaming the entire NFL playoffs doesn’t ruin it for everybody else.
Done right, the customer can’t see anything on your business network. Your point of sale can’t be reached from a phone in the parking lot. And when the bar fills up, your point of sale stays fast — because it’s not in line behind eighty phones.
Bandwidth math, plainly
Owners consistently underestimate how many devices are actually on their guest WiFi during a busy night. A 50-seat restaurant on a Friday could easily have eighty or more active devices — couples sharing tables, families with kids on tablets, the bar crowd, employees on lunch break with personal phones connected, delivery drivers waiting on a pickup.
Without prioritization, those devices are all in the same line as your point of sale. Even on a strong fiber connection, that line gets long. The fix isn’t always more internet (though it sometimes is). More often it’s separating the lanes — guest traffic gets one lane with caps and rules, business traffic gets a clear lane with priority.
In some operations, the right answer is two physical internet circuits — one for the business, one for guests. That sounds expensive until you do the math on what an average ten-minute card-processing outage on a Saturday night actually costs you.
Cameras and outdoor coverage
Two quick notes that often get missed.
Cameras. A serious camera system uses a lot of bandwidth, especially if it’s recording to the cloud. Cameras should usually live on their own network segment — not because they’re sensitive, but because they’re constant. They never stop talking. Putting them on a third network keeps them from quietly starving everything else.
Outdoor coverage. Patios, parklets, drive-thru lanes, parking lot seating — the indoor access points are not going to cut it. They weren’t designed for outdoor use, the Inland Empire heat will shorten their life, and the signal won’t reach the way you’d hope. Outdoor coverage requires outdoor-rated access points designed for the job. “Just put one outside” is the most expensive shortcut I see, every single time.
What to check this week
Three things you can do without any tools beyond the phone in your pocket.
1. Connect to your guest WiFi and try to reach your point of sale. Try to reach the back-office computer. Try anything that should be on the business side. If you can see anything past the splash page, you have a problem.
2. Check whether your guest WiFi password has been the same for more than six months. If yes, it’s time to rotate it. The number of people who have your password right now is bigger than you think.
3. Look at the splash page customers see when they connect. Is there one? Does it have your name on it? Does it set terms of use? If the answer to any of those is no, you’re missing a layer of protection and a small branding moment.
If you want a real walkthrough
For members of the Menifee Chamber of Commerce, we do free WiFi site surveys. Somebody on site, mapping your coverage with a heat map, looking at how your networks are separated, telling you exactly where the gaps are. You’ll walk away with a written report you can keep. No pitch attached.
If your buildout is still in progress, you may also want to read [Before You Sign That Lease](#) — the IT decisions that cost or save thousands before you commit. And for the cabling side of a hospitality space (every access point is a cable decision), see [Why I Always Run More Cable Than You Think You Need](#).
Email hello@simonsayssystems.com to get on the survey list. Even if you decide we’re not the right fit afterward, the report is yours. Get the two-network setup right and your customers stay connected. Get the segmentation right and your business stays secure. That’s the whole job.
Simon Says: Stay Connected. Stay Secure.
— Craig