BUSINESS: Edinburgh Airport is Scotland’s busiest airport, transporting millions of passengers to over 150 locations worldwide every year.
BUSINESS CHALLENGE: With passenger numbers rapidly increasing and a commitment to year-round operations, how could Edinburgh Airport avoid any disruptions to business, and keep passengers moving smoothly towards their destinations?
Edinburgh Airport is Scotland’s busiest and the UK’s 6th busiest airport, transporting 13.4 million passengers to and from more than 150 destinations worldwide in 2017.
With flights running 24/7, 365 days a year, the effects of any disruption to Edinburgh Airport’s operations will be felt immediately. Any issues with IT systems can directly impact travel plans, and it’s crucial for all airports that passengers can fly on time.
Denis McIlroy, Head of IT Architecture, Security and Operations at Edinburgh Airport, says: "Even the slightest interruption to our timings or operations can have massive consequences – something as simple as a five-minute power outage can cause our passengers a range of issues."
Such fine margins mean a major cyber-attack could have potentially devastating effects on business, and Edinburgh Airport recognised the need to improve its threat remediation and patching operations, which were all handled manually.
Denis McIlroy continues: "Since it took so much time to update our backend PCs, they were patched very infrequently. Our teams were putting in lots of work for very little reward – and we were only just scratching the surface of the threats we faced."
"To avoid the risk of a major outage, we decided to instigate a program to raise the maturity of our cyber security processes. This began with gaining greater visibility of the threats facing the airport."
Why Edinburgh chose Qualys:
Edinburgh Airport considered several information security providers, favouring a software-as-a-service (SaaS) model for its flexibility in both fees and deployment. After weighing up the benefits of each shortlisted vendor, the airport identified Qualys as the outstanding choice – offering the greatest impact to the company with the least manual input.
To improve the visibility of risks across its network, Edinburgh Airport selected Qualys Vulnerability Management (VM) and Qualys Cloud Agents.
Craigg Barr, Technical Architect at Edinburgh Airport, explains: “Using Qualys VM, we scan more than 2,000 different assets – including around 300 servers. VM collates all data into weekly reports so we can check whether flagged vulnerabilities have been successfully remediated. We also produce more detailed monthly reports to give us a clear overview of our entire network."
"We have a dynamic environment with many people working remotely or in different offices, and Qualys VM enables us to keep track of all of our assets regardless of their location. For remote workers with newer laptops we also use Qualys Cloud Agents to save them having to come into the office for compliance scans, ensuring we still get an accurate reflection of the status of vulnerabilities on every digital asset."
Additionally, Edinburgh Airport implemented Qualys Threat Protection (TP) to provide an immediate and user-friendly method to remediate emerging risks.
"The dashboarding capabilities in Qualys TP gives us an instant view of any risks that are currently being exploited, or shows us how they could be exploited,” says Craigg Barr. “Qualys TP provides the first line of defence across our new, protected network."
“Qualys has given us the ability to rapidly identify any vulnerabilities in our network and fix them without any disruption to our operations.”
Head of IT Architecture, Security and Operations, Edinburgh Airport
With Qualys solutions now in place, Edinburgh Airport has greater visibility of the potential cyber risks to its operations and as a result, can remediate most threats before any disruption can impact operations or passengers.
Denis McIlroy explains: "Qualys has given us the ability to rapidly identify any vulnerabilities in our network and fix them without any disruption to our operations. Over the course of a week, Qualys VM runs three scans for all of our remote and on-site assets, and two scans for our servers, giving us unprecedented clarity in our reporting."
"Our remediation teams can quickly digest the information provided by the Qualys solutions, which enables us to prioritise and resolve threats in our regular patching cycles. In addition, Qualys produces detailed data for quarterly reports that we send to the board of directors, to give them a snapshot of the risks facing the network."
Edinburgh Airport has also gained the capability to react almost immediately to emerging or evolving threats, to avoid any sudden outages that could impact travel plans at short notice.
Craigg Barr says: “With Qualys TP in place, we feel completely prepared for any zero-day exploits. We began our journey with Qualys shortly before WannaCry struck, which opened our eyes to the importance of regular patching and rapid remediation capabilities."
"Now we run a regular patching cycle for every one of our assets. If we detect another severe threat like WannaCry, we have the ability to run ad-hoc scans to check the risk and help us take the appropriate steps in time."
Looking to the future, Edinburgh Airport is confident about meeting any upcoming regulations governing data protection following the introduction of the GDPR.
Denis McIlroy concludes: "With the visibility that the Qualys solutions provide across our network, we can be confident we'll be ready to meet any new regulations around our security. At the moment we’re concentrating on streamlining our operations and eliminating the threat of disruption to keep our passengers flying on time, and we are considering implementing Qualys Policy Compliance (PC) to give us even more peace of mind."