Addressing The Insider Threat

Modernizing systems enables better management of airport worker identities

Airline and airport workers require access to sensitive and restricted areas every day. Ensuring that only authorized staff has access to restricted areas is an important aspect of airport security, and one that requires the same high level of attention as passenger security threats.

Various airline employees, vendors and multiple tenants need to be authenticated every day. Their physical access rights need to be controlled and managed dynamically based upon their role and policies affecting their access. In fact, airports present one of the most complicated scenarios when administering restricted-area access control, identity verification and issuance of an access credential. Many airports have siloed systems and processes used to manage employees’ access credentials.

Physical identity and access management operations are handled manually, leading to potentially dangerous errors, a higher cost of operations, enrollment and termination delays and a lower level of security. A multi-layer balance between security, costs and practicality is required to address this issue. Leveraging technologies to achieve security goals can also improve efficiencies and customer service.

Airport security policies and TSA (Transportation Security Administration) and FAA (Federal Aviation Administration) regulations require airports to vet and manage the lifecycle of their credentialed workers. Airports must consistently and efficiently perform all required steps and procedures while balancing this requirement against a timely and customer-friendly process.

Challenges of Managing Airport Identities

Several challenges stand in the way of maximizing the

Cost pressures, which have limited staff sizes and man-hours in the air travel market, including less available time to manage identity issues.

Wide variety of systems, often involving operators to work in and out of multiple computer screens when addressing identity and access control issues.

Extensive prerequisites to qualify for a credential, which must be tracked and documented.

Dependence on manual processes, which are errorprone and expensive.

Physical identity and access management software can solve these and related problems by unifying identity management airport-wide, integrating physical security systems, automating processes and simplifying control of employees, vendors and other identities.

Software allows airports to manage the lifecycle of identities as they relate to physical access, including synchronized on/off-boarding across all systems harboring an identity record, access profile, zone management and role-based physical access.

Automation Adds Efficiency

Identity management includes the fabric of systems, policies and procedures that govern and streamline the lifecycle of an identity and its relationship to an enterprise or entity. This concept can be applied to employers and employees who are issued credentials to access and work in the various zones of an airport.

Many departments have touch points to these employees and their identities in which various systems and repositories are used. Commonly, these disparate areas have relationships to one another. For example, when an employer terminates an employee, the process must flow through these areas to ensure all aspects of that identity and all assets such as card and keys are returned or billed for properly.

Software can replace off-line, non-automated processes, which are not scalable and do not enable the automated compilation of information. Software systems can solve various airport pain-points and combine the needed elements of low cost, customer service, security and compliance. Off-the-shelf software can streamline and automate each airport’s operational processes.

Unified software systems enable operators to work in a single Web-based interface that centralizes all identity information across relevant systems into a single view. The software interfaces seamlessly as needed with various systems throughout the airport. If there are prerequisites for an access control credential, software can track and ensure those requirements—authorization, I9s, security checks and training.

Also contributing to efficiency, special documentspecific scanners for passports and drivers’ licenses can store and manage PDF documents and monitor for expiration dates. Paper file storage is not needed.

Software systems also can streamline time-consuming and inefficient processes such as issuing ID badges, managing various databases, adding new employees, responding to terminations, changing work assignments and assigning access privileges across multiple physical access control systems. In the airport environment, software can integrate and embrace the specific requirements related to TSA compliance and FAA regulations.

Boosting Overall Operations

There are many ways a software solution for airport identity management can boost overall operational efficiency and lower cost to achieve an acceptable security level and meet regulatory requirements.

Software can leverage an existing Livescan solution and automatically submit an applicant’s information for automation of security threat assessment (STA) results and notification of criminal history records checks (CHRC) ready for review. Software can monitor airport workers’ STA status in real-time and tie a worker’s STA status to activation of an electronic airport badge.

Software systems also enable operators to set employer interaction prices for direct billing or regular invoicing of charges such as badging, background checks, penalties, violations, lost assets—keys and cards—and training. Automation can recoup transactions that would not be cost-effective to recoup using manual methods.

Related to compliance monitoring, software can generate reports on an as-needed basis—nightly, weekly, monthly and on-demand—in the format required by the Transportation Security Clearinghouse and other channel service providers and provide realtime audit capabilities, eliminating the need for manual audits.

Another benefit is that changing systems, processes and directives can be easily adapted in a software environment. Previous investment in business policies and operations is not lost if a system changes.

A Holistic Approach

Airports have allocated significant resources to reducing the risk of passenger security threats in recent years, including modernization of scanning technologies, evolving behavioral techniques, risk-based approaches. In this same timeframe, despite evolving regulations and directives, less progress has been made in managing the threats within the airport related to employees with access to sensitive and restricted areas.

By applying tools that can streamline workflows, automate processes and integrate disparate systems, it is possible to reduce insider risks associated with manual, error-prone systems and practices.

Deployment of multiple software systems can be managed through a single Web-based database. Policy-driven software provides a holistic approach, combining global identity with compliance and risk assessment. Benefits include greater efficiency, lower costs, proactive management of regulatory compliance and safer airports for everyone.

This article originally appeared in the January 2013 issue of Security Today.


  • 12 Commercial Crime Sites to Do Your Research

    12 Commercial Crime Sites to Do Your Research

    Understanding crime statistics in your industry and area is crucial for making important decisions about your security budget. With so much information out there, how can you know which statistics to trust? Read Now

  • Boosting Safety and Efficiency

    Boosting Safety and Efficiency

    In alignment with the state of Mississippi’s mission of “Empowering Mississippi citizens to stay connected and engaged with their government,” Salient's CompleteView VMS is being installed throughout more than 150 state boards, commissions and agencies in order to ensure safety for thousands of constituents who access state services daily. Read Now

  • Live From GSX: Post-Show Review

    Live From GSX: Post-Show Review

    This year’s Live From GSX program was a rousing success! Again, we’d like to thank our partners, and IPVideo, for working with us and letting us broadcast their solutions to the industry. You can follow our Live From GSX 2023 page to keep up with post-show developments and announcements. And if you’re interested in working with us in 2024, please don’t hesitate to ask about our Live From programs for ISC West in March or next year’s GSX. Read Now

    • Industry Events
    • GSX
  • People Say the Funniest Things

    People Say the Funniest Things

    By all accounts, GSX version 2023 was completely successful. Apparently, there were plenty of mix-ups with the airlines and getting aircraft from the East Coast into Big D. I am all ears when I am in a gathering of people. You never know when a nugget of information might flip out. Read Now

    • Industry Events
    • GSX

Featured Cybersecurity


New Products

  • ComNet CNGE6FX2TX4PoE

    The ComNet cost-efficient CNGE6FX2TX4PoE is a six-port switch that offers four Gbps TX ports that support the IEEE802.3at standard and provide up to 30 watts of PoE to PDs. It also has a dedicated FX/TX combination port as well as a single FX SFP to act as an additional port or an uplink port, giving the user additional options in managing network traffic. The CNGE6FX2TX4PoE is designed for use in unconditioned environments and typically used in perimeter surveillance. 3

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • ResponderLink


    Shooter Detection Systems (SDS), an company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3