icon-aviation

Solution

Aviation

AIRLINE PHYSICAL ACCESS GOVERNANCE AND CYBER-PHYSICAL SECURITY CONVERGENCE

The AlertEnterprise physical identity access governance and cyber-physical security convergence platform enables airlines to eliminate security silos, to deliver the most complete view of threats and vulnerabilities while providing a frictionless, safe and secure physical access experience for your workforce.

END-TO-END PHYSICAL ACCESS LIFECYCLE MANAGEMENT

WORKFORCE
ENABLEMENT

Day 1 Productivity

GOVERNANCE, SAFETY & COMPLIANCE

Safe and Secure Workspaces

• Badge • Passport • Media Rooms
• Training • Simulators • Access • SIDA
• Photo • Background Checks • GDPR

SUSTAINABLE OPERATIONAL EXCELLENCE

Organic with Elasticity

Airline Physical Identity Access Governance and Cyber-Physical Security Convergence

The cost to operate systems in existing silos is expensive and full of risk. AlertEnterprise delivers a single unifying platform with a dual-focused objective: 1) bridge the security gaps and 2) eliminate redundant spending.

Enterprise Guardian

PHYSICAL IDENTITY ACCESS MANAGEMENT

Workforce Access Governance

Identity Intelligence

Workforce Intelligence

Workforce Intelligence

Enterprise Sentry

Unified Threat Response

Cyber-Physical Security Convergence

Security Convergence Platform

ae shield FINALol Shield ONLY
ae shield FINALol Shield ONLY

Integration Framework

Types of Insider Threats

Compromised / Pawn

Employees that don’t know they’re being compromised

Malicious / Expert

Usually have legitimate user access to the system and willfully extract data or intellectual property

Careless

Employees that leave computer or terminal unlocked or otherwise violate cybersecurity best practices

Slow Poison

Systems slowly moving outside of reasonable parameters

0-Day Insiders

New personnel with little to no background information

Needle in a Haystack

Small incidents such as theft of IP or customer contact lists in a large volume of access pattern data that are difficult to detect
Airline employees are used to interacting with a workforce in constant flux, making it harder for permanent employees to question the presence of unfamiliar faces. This leads to situations where malicious insider threats can remain hidden in plain sight. Work environments that employ a large number of contractors and operate “multitenant” operations are always more susceptible to insider attack. An insider can swiftly cause devastation to airport infrastructure, leaving little trace of potential damage until the devastation manifests.

Insider Threat Protection with the Transportation Security Administration (TSA) - Lessons Learned

In 2014, AlertEnterprise participated in a pilot project with the TSA, deploying our converged cyber-physical platform to combat insider threats and deliver a unified threat response. The success of the pilot project revealed the power of real-time integration of cyber and physical security systems for identifying, correlating and mitigating insider threat related activity. Since then, AlertEnterprise has been selected and deployed at CATX and CAT1 airports across the globe.

A Unified Identity Profile Enables Intelligence Decision Making

A common digital identity for people and things is a starting point for provisioning airline system, data, network and physical access. Reduce the time and cost for detecting and resolving risk by automating threat protection across aviation IT, physical and operational systems from one place. AI and machine-learning Identity Intelligence technology automatically baseline identity profiles, allowing it to quickly sort through millions of events to detect behavior anomalies and trends for an effective response to potential malicious behavior and policy violations.
Identity Intelligence technology helps prevent airline insider threats by maintaining a risk profile for the internal and external workforce, tracking access to critical areas within airports and flight operations. Conducting upfront risk analysis reduces risk and cost, eliminates fraud and enhances security.

Airline Workforce Scheduling - A Major Risk

There are three common issues when airports don’t know airline workforce schedules
  1. Default is to grant 24/7/365 access
  2. Rogue employees can access areas (e.g. SIDA/Baggage) outside of their shift hours
  3. Neither Airlines nor Airports have any visibility to the risks
Airlines and airports can reduce the risk with converged security that delivers real-time integration between IT work schedule applications and physical access controls systems.

Hire-to-Retire Identity and Credential Lifecycle Management

AlertEnterprise automates the entire onboarding / offboarding process starting with the pre-enrollment risk analysis that provide a high degree of automating for the vetting process.

AlertEnterprise Features Summary