Domino's Pizza clamps down on mobile device use

Domino's Pizza is attempting to combat the IT threat from internal users by controlling the use of mobile devices.

Domino's Pizza is attempting to combat the IT threat from internal users by controlling the use of mobile devices.

The pizza chain, which now receives 10% of its orders via the web, says it needs to protect the sales and financial data - including customer credit card information - which passes through its network.

The move comes in the wake of a series of high-profile data leaks, including the hacking attack against US company TJX, which led to 45.7 million credit and debit card numbers being stolen over a period of 18 months.

"We have spent a lot of time and effort protecting our systems and data from external threats. But with the proliferation of small and cheap portable storage devices, it was essential to extend this security strategy to our internal systems," said Tim Cawley, IS manager at Domino's Pizza.

Domino's has more than 450 outlets across the UK and Ireland, and has implemented Devicewall from Centennial Software on PCs across the company to block the unauthorised use of portable devices.

Domino's used the software to monitor its users to determine which departments were attaching particular handheld devices to the network. It used the information gleaned to create a security policy, which is enforced using the Devicewall software.

"Using the software initially in monitor mode allowed us to build a picture of current portable storage usage. This helped us draft and enforce a security policy that protected our sensitive data without compromising productivity," said Cawley.

The analysis meant that the IT department could approach each business unit to determine what was appropriate and inappropriate business use of a specific portable device.

"It is important to take a proactive stance on security. This involves identifying and addressing potential threats in order to provide a safe computing environment for the company, our customers and our suppliers," Cawley said.

Domino's said it chose the Devicewall product because of its ability to integrate with its Microsoft Active Directory system, which manages all user profiles and logins.

Domino's now plans to use Devicewall's in-built 256-bit encryption facility to encrypt any information that is transferred to a mobile device, to mitigate against theft or loss of those devices.

Podcast: mobile device threats are real >>

More about Devicewall from Centenial Software >>

David Lacey's security blog >>

Computer Weekly guide to establishing a security policy >>

Read more on IT risk management