Whether carrying freight or passengers, and whether operating nationally or across borders, transport providers face some of the broadest and most complex IT and regulatory challenges of any industry. With fierce competition, unpredictable fuel costs, and increasing pressure to reduce carbon footprints, many transport operators are turning to a combination of IT and telecommunications to provide the necessary competitive edge.
This rise of Intelligent Transport Systems (ITS) combined with trends such as the Internet of Things and Intelligent Mobility, is rapidly expanding the volume, velocity and variety of transport-related data processing. But protecting this data, both to safeguard some of the organisation’s most valuable assets, as well as to comply with all the necessary government and transport association regulations, presents its own challenges.
Facts & Figures
“Wallix Privileged Account Management is instrumental for Gulf Air in complying with the required international and industry standards.”
Dr. Jassim Haji, IT Director
Highest among these is the challenge of privileged access management
Due to the increasing complexity of transport IT infrastructures, which may even include Supervisory Control and Data Acquisition (SCADA) systems, the number of staff and outside contractors with admin or super-user privileges is escalating. And while most of these IT systems may be relatively well protected from external attack, insiders (or outsiders who have somehow acquired the access credentials of your insiders) are rarely controlled and monitored with adequate vigilance.
This challenge is further complicated by the high level of interdependence required between the IT infrastructures of some operators and those of their customers. While this tight integration is necessary for the optimisation of business processes, it inevitably increases the number of privileged user accounts, and may force the transport operator to comply with the regulations of their customers’ industries as well as their own.
“WALLIX helped in providing real time resource management, reporting and monitoring capabilities for IT administrators, improving the overall efficiency of Gulf Air’s IT function.”
Dr. Jassim Haji Director IT of Gulf Air
“Internal resistance to change was overcome by demonstrating the advantages of gaining control over external service provider access and by the internal dynamics…”
Raphaël VIGNON-DAVILLIER, CISO / Quality and Control / IT Audit at Bolloré Logistics
Why transportation should focus on Privileged Account Management ?
Privileged Access Management (PAM) refers to a group of technologies designed to mitigate the inherent risks associated with the privileged user accounts of administrators and super-users. By providing full control and visibility of the critical, daily tasks of such personnel, an effective PAM solution can significantly reduce the risk of attack, while helping to ensure compliance with the relevant safety and reliability standards of the transport industry.
Facing the regulatory compliance challenge
In addition to the responsibility to customers and investors, to secure valuable or sensitive data, transport providers must also comply with a range of industry regulations spanning areas such health and safety, the need to track the movement of goods and passengers, Customs-Trade Partnership Against Terrorism (C-TPAT), Authorised Economic Operator (AEO) certification, Payment Card Industry Data Security Standard (PCI DSS), and various international regulations concerning end-user privacy and data protection.
Meeting transportation requirements with Wallix privileged account management solution
At WALLIX, we believe that the value of a software solution lies as much in its ease of implementation and usage, as with its functional and technological capabilities. WALLIX AdminBastion (WAB) Suite has therefore been designed not only to cover all risks relating to privileged access within the transport industry, but to do so in the simplest, most intuitive way, ensuring that business challenges are addressed in the shortest possible time and with minimal disruption to existing workflows.