Identity Management / Ports: Sea, Land, & Air

Addressing Airport Security’s Inside Threats

 

airport_enewsAirline and airport workers (and vendors) require access to sensitive and restricted areas during the normal course of their required duties. Management needs to ensure that only authorized personnel have access to restricted areas – this is just as high a priority as passenger security checkpoints. However, many airports currently have siloed systems and processes used to manage employee credentials for facility access. Physical identity and access management operations are often handled manually. This results in higher costs of operations and potential danger because of errors, enrollment and termination delays, and a lower level of overall security.

Physical identity and access management (PIAM) software can solve airport identity challenges by unifying identity management airport-wide, integrating physical security systems, automating processes and simplifying control of employees, vendors and other identities. Software allows airports to manage the lifecycle of identities as they relate to physical access, including synchronized on/off-boarding across all systems harboring an identity record, access profile and zone management, and role-based physical access.

Automated and centralized management of identities and access at airports ensures compliance. Airport security policies and TSA (Transportation Security Administration) and FAA (Federal Aviation Administration) regulations require airports to vet and manage the lifecycle of their credentialed workers. Airports must consistently and efficiently perform all required steps and procedures while balancing this requirement against a timely and customer-friendly process.

Managing Identity Airport-wide

Identity management includes the fabric of systems, policies and procedures that govern and streamline the lifecycle of an identity and its relationship to an enterprise or entity. This concept can easily be applied to employers and their employees who are issued credentials to access and work in the various zones of an airport. Many departments have touch-points to these employees and their identities in which various systems and repositories are used.

Unified software systems enable operators to work in a single web-based interface that centralizes all identity information across relevant systems into a single view. The software interfaces seamlessly as needed with various systems throughout the airport. If there are prerequisites for an access control credential, software can track and ensure those requirements (authorization, I-9s, security checks, training, etc.). Also contributing to efficiency, use of special document-specific scanners for passports, driver’s licenses, etc. can store and manage PDF documents and monitor for expiration dates as part of an employer or identity record.

Software systems can also streamline time-consuming and inefficient processes such as issuing ID badges, managing various databases, adding new employees, responding to terminations or changing work assignments, and assigning access privileges across multiple physical access control systems.

Boosting Overall Operations

There are also multiple ways a software solution for airport identity management can boost overall operational efficiency and lower cost while achieving an acceptable security level and meeting regulatory requirements.

Software can leverage an existing Livescan solution and automatically submit applicants' information for automation of security threat assessment (STA) results and notification of criminal history records checks (CHRC) ready for review. Software can monitor airport workers' STA status in real-time and tie a worker's STA status to activation of an electronic airport badge.

Software systems also enable operators to set prices for employer interactions for direct billing or regular invoicing of charges such as badging, background checks, penalties, violations, lost assets (keys, cards, etc.), training, etc. Automation can recoup transactions that would not be cost-effective to recoup using manual methods.

Related to compliance monitoring, software can generate reports on an as-needed basis (nightly, weekly, monthly and on-demand) in the format required by the Transportation Security Clearinghouse and other channel service providers while providing real-time audit capabilities, eliminating the need for manual audits.

Meeting the Challenges

Various airline employees, vendors and multiple tenants need to be authenticated every day, and their physical access rights need to be controlled and managed dynamically based upon their role and policies affecting their access. In fact, airports present one of the most complicated scenarios in which to administer restricted-area access control, identity verification and issuance of access credentials. A multi-layer balance between security, costs and practicality can address these issues. Off-the-shelf PIAM software systems can solve these challenges and also create new operational efficiencies throughout the airport. 

Did you enjoy this article? Click here to subscribe to Security Magazine. 

Recent Articles by Ajay Jain

You must login or register in order to post a comment.

Multimedia

Videos

Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.

Podcasts

Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

Security December 2014 issue cover

2014 December

This issue of Security Magazine covers our 12th annual Top Guarding Firms list. Check out the best of the best as of December 2014. The 21st century has brought with it new types of security threats. Read how to combat and protect against these threats.

Table Of Contents Subscribe

Security Emergency Preparedness Training

Which security personnel emergency preparedness training is the top priority to you and your enterprise?
View Results Poll Archive

THE SECURITY STORE

comptiahighriseproductphoto
CompTIA Security+ Certification Study Guide
CompTIA's Security+ certification is a globally-recognized, vendor neutral exam that has helped over 60,000 IT professionals reach further and higher in their careers. The current Security+ exam (SY0-201) focuses more on being able to deal with security issues rather than just identifying them.
More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.

STAY CONNECTED

Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.