Airline physical access governance and cyber-physical security convergence

The AlertEnterprise physical identity access governance and cyber-physical security convergence platform enables airlines to eliminate security silos, to deliver the most complete view of threats and vulnerabilities while providing a frictionless, safe and secure physical access experience for your workforce.

End-to-end physical access lifecycle management

  • Rule-based, real-time automation ‘hire-to-retire’ of airline workforce badge & physical access management
    – Employees, contractors, corporate, crew, pilots

  • 360-degree enterprise view and transparency of an identity’s footprint
    – Access, trainings, validations, background checks

  • Frictionless safe and secure physical access experience
    – Self-service requests, review and approvals for physical access and badge management
  • Proactive compliance – automated safety, security, training validation and background checks prior to badge and access grants for employees and non-employees

  • Automated and continuous access/badge monitoring (including  return) with are business owners

  • Periodic reviews for regulatory compliance for critical areas and access creep mitigation

  • Embedded automated enforcement controls for safety & security protocols for expiring:
    • Badge
    • Access
    • Photo
    • Passport
    • SIDA
    • Training
    • Media Rooms
    • Background Checks
    • Simulators
    • GDPR
  • Fully automated integrations, complete data sync and integrity with internal and external systems
    – CASS, CLEAR, KCM, Airports, RapBack etc.

  • Digital transformation of all internal and external facing security operations with uniformity and standardization
    – Authorized Signatories, RapBack Enrollment, Remote sites, Emergency Access, Citations, Vehicle Decals etc

  • Mobile footprint, photo updates, rebadging, jump seat allocations, physical keys management, passport validity
    monitoring and advance notifications

Airline physical identity access governance and cyber-physical security convergence

The cost to operate systems in existing silos is expensive and full of risk. AlertEnterprise 
delivers a single unifying platform with a dual-focused objective:

1) Bridge the security gaps

2) Eliminate redundant spending

  • Real-time integration with HR, multiple PACS and IT / Business Systems

  • Consolidated decentralized badge management across hubs

  • Business partner onboarding,
    physical access governance

  • Contractor access governance

  • Self-service access requests

  • Automated notification and re-issuance of expiring badge

  • Removal of badge access on termination and risk indicators

  • Full life-cycle visitor identity management in multi-tenant environment
  • Identity intelligence to monitor insider threats

  • Unified identity profile and risk score

  • AI and Machine Learning behaviour analytics

  • Active policy enforcement for regulatory compliance
  • Unified dashboard across security systems (Video, PACS, Perimeter Intrusion Detection PID)

  • Easy, controlled information sharing

  • Mobile app for real-time, remote response

  • Automated remediation scripts

Types of insider threats

Airline employees are used to interacting with a workforce in constant flux, making it harder for permanent employees to question the presence of unfamiliar faces. This leads to situations where malicious insider threats can remain hidden in plain sight. Work environments that employ a large number of contractors and operate “multitenant” operations are always more susceptible to insider attack. An insider can swiftly cause devastation to airport infrastructure, leaving little trace of potential damage until the devastation manifests.

Employees that don’t know they’re being compromised

Employees that leave computer or terminal unlocked or
otherwise violate cybersecurity best practices

New personnel with little to no background information

Usually have legitimate user access to the system and willfully extract data or intellectual property

Systems slowly moving outside of reasonable parameters

Small incidents such as theft of IP or customer contact lists in a large volume of access pattern data that are difficult to detect

Insider threat protection with the transportation security administration (TSA) - lessons learned

In 2014, AlertEnterprise participated in a pilot project with the TSA, deploying our converged cyber-physical platform to combat insider threats and deliver a unified threat response. The success of the pilot project revealed the power of real-time integration of cyber and physical security systems for identifying, correlating and mitigating insider threat related activity. Since then, AlertEnterprise has been selected and deployed at CATX and CAT1 airports across the globe.

Insider threat protection with the transportation security administration (TSA) - lessons learned

A common digital identity for people and things is a starting point for provisioning airline system, data, network and physical access. Reduce the time and cost for detecting and resolving risk by automating threat protection across aviation IT, physical and operational systems from one place. AI and machine-learning Identity Intelligence technology automatically baseline identity profiles, allowing it to quickly sort through millions of events to detect behavior anomalies and trends for an effective response to potential malicious behavior and policy violations.

  • Incorporate risk scoring and behavior patterns
    into an Identity profile

  • Visibility across IT, Physical and OT assets
    allowing for real-time usage pattern analysis

  • PRA, background and training checks embedded into a risk score and profile leveraged for access control, granting
    and reporting activities

  • Behavior patterns allow for actionable intelligence to minimize the risk profile to the environment

Identity Intelligence technology helps prevent airline insider threats by maintaining a risk profile for the internal and external workforce, tracking access to critical areas within airports and flight operations. Conducting upfront risk analysis reduces risk and cost, eliminates fraud and enhances security

Airline workforce scheduling - a major risk

Airlines and airports can reduce the risk with converged security that delivers real-time integration between IT work schedule applications and physical access controls systems. There are three common issues when airports don’t know airline workforce schedules

  • Default is to grant 24/7/365 access

  • Rogue employees can access areas (e.g. SIDA/Baggage)
    outside of their shift hours

  • Neither Airlines nor Airports have any visibility to the risks

 

Hire-to-retire identity and credential lifecycle management

AlertEnterprise automates the entire onboarding / offboarding process starting with the pre-enrolment risk analysis that provide a high degree of automating for the vetting process.

End-to-end physical access lifecycle management

  • Streamline and automate the entire lifecycle management from request to return of all airline assets (ID Badges, Keys, Laptops, etc.), physical and digital access using an online portal and AE’s Guardian workflow engine.

  • Integrations with various HR, ERP, and IT applications like to offer a “single pane of glass” view of each identity, the “time and place” access provisioned to that identity, and how that access is being used along with reports of any violations or abnormalities.

  • Continual vetting using integrations with various international, federal, state, and local digital repositories to determine credit history, criminal activity, policy and regulatory violations, and misconduct.

  • Identity Intelligence compares behavior to a normalized dataset to calculate a dynamic Risk Score which indicates the evolving threat each insider poses to the airline, airport, or organization.

  • Automatically trigger incident response SOPs with situational intelligence.

Final call.

Next-gen identity access management without a systems overhaul?
Don’t get left behind.

David Cassady

Chief Strategy Officer

David Cassady has been selling and leading teams in Silicon Valley for more than 30 years. During that time, he’s led a mix of established software players and startups. Cassady has also been involved with five IPOs — and at least as many acquisitions. 

As Chief Strategy Officer, David leverages his extensive experience helping software businesses drive growth through deep and impactful partnerships with the world’s most successful SaaS providers like ServiceNow, Microsoft and SAP. 

Mark Weatherford

Chief Security Officer
Senior Vice President, Regulated Industries

Mark Weatherford brings years of high-level cyber-physical expertise to AlertEnterprise, and as Chief Security Officer (CSO), he guides the strategy of data management and protection by advising cyber-physical security policies and procedures within the company. Weatherford also works in liaison with businesses and executive professionals in the cyber and physical security industries to further accelerate security convergence adoption.

Mark has held numerous high-level cyber-centric positions, including Vice President and Chief Security Officer at the North American Electric Reliability Corporation (NERC), the Department of Homeland Security’s first Deputy Under Secretary for Cybersecurity under the Obama administration, California’s first Chief Security Officer, and the first CISO for the state of Colorado.

Harsh Chauhan

Chief Technology Officer

As Chief Technology Officer (CTO) of AlertEnterprise, Harsh Chauhan is responsible for the company’s engineering technology innovation and solution delivery. A 20-year technology veteran and leader, Chauhan is focused on the growth of the company’s 3D Governance Risk Compliance (GRC) hyperscale cloud platform.

He also continues to develop integrated solutions with leading technology partners like SAP, SAP NS2, and ServiceNow. Before AlertEnterprise, Mr. Chauhan held multiple CTO positions, as well as Product Owner and Head of Development at SAP GRC 10.0, delivering targeted solutions to high-profile SAP clients.

Ruby Deol

Chief Operations Officer

Ruby Deol oversees all business units at AlertEnterprise. With more than 20 years of experience in global sales and support services, Deol nurtures existing client relationships with a customer-first approach. As AlertEnterprise continues to grow in industry recognition and stature, Deol is charged with developing and implementing methods to meet organization goals and facilitate the company’s ongoing transformation.

Kaval Kaur

CFO and Co-Founder

As Chief Financial Officer (CFO) and Co-Founder of AlertEnterprise, Kaval Kaur leads all finance and administrative back-office operations. Kaur is a member of the national professional organization American Institute of Certified Public Accountants (AICPA) and the California State CPA Society.

Prior to joining AlertEnterprise, she was the CFO and Co-Founder of Virsa Systems, a position she held until its acquisition by SAP.

Kaur is a philanthropist at heart, embracing the diversity of the San Francisco Bay area by assisting with and promoting special cultural events. She recently sponsored 2,000 public schools in rural India to advance computer literacy skills for children and is a foster mother to a 10 year old.

Jasvir Gill

Founder and CEO

Leading the charge of digital transformation and security convergence is Jasvir Gill, Founder and CEO of AlertEnterprise, Inc. An accomplished engineer by trade, Gill is driving the long-overdue digital transformation of the physical security industry.

Prior to launching AlertEnterprise, Gill was the founder and CEO of Virsa Systems, where he grew the company into a global leader of application security software. An early pioneer in establishing governance, risk and compliance as a software market segment, he drove exponential growth at Virsa, facilitating its acquisition by SAP in 2006.

In his free time, Jasvir helps drive social and economic empowerment in the community. He’s also a trustee at the American India Foundation.