Join our daily and weekly newspapers for exclusive content on the latest updates and industry-composure AI coverage. learn more
In SwissportStrengthening the world, security and networking provides the opportunity to serve and grow more customers.
The global IT operation of Swissport began to highlight the strains of relying on heritage systems for safety and networking, which were quickly becoming an obligation for the company. Senior management may see that centralized visibility was a major challenge, due to which they were motivated to take quick action.
The growth of Swissport defeated its heritage systems
Swissport faced security and networking challenges as its trade expansion rose. The inheritance system was interrupting the ability to serve customers, secure global locations and expand business. The senior management team told venturebeat that Legacy Systems were not keeping their business pace, starting with the team to consider new options, start with safe access service edge (SASE).
In 2024, Swissport provided ground services for 247 million airline passengers, handled over five million tonnes of air freight in 117 cargo centers and served airlines at 279 airports in 45 countries in six continents. As the world’s largest provider of ground and cargo handling services in the aviation industry, Swissport Excel for its customers how a main part of Excel is adding and securing its global IT operation. This is a table bet for a business with over 26,000 users, including ground crew and remote workers.
“The biggest challenge was not just visibility-this was the continuation,” said Gills Ashton-Roberts, Chief Information Security Officer of Swissport. “We had to unite how we apply safety on hundreds of sites without slowing down the business.”
From fragmented infrastructure to SASE
“We are actually a 24/7 business. It is always an extreme time in the world,”, Chief Technology Officer of Swissport, Richard Thorp, in an interview recently told Venturebeat, and we need to keep our network safe and available. ” “This means standardizing security and ensuring that every user and every device are covered – whether they are in a coffee shop or on the trumac.”
The Legacy systems were not expanding rapidly so that the Swissport was experiencing with the speed of rapid expansion. The inheritance system, with fragmented infrastructure, on which they were based, were slowing down development and creating potential security and networking challenges. Swissport set ambitious goals to redefine its safety and networking stacks, replacing fracture virtual private networks (VPN), tools with uneven equipment and inconsistent policy enforcement fully with new SASE Architecture.
“Before this change, we were managing various systems at various sites with different policies – and the visibility was fragmented,” Thorp said. “Now we work under a set of security policies globally, and I can sleep at night that the environment is safe.”
Every connection, whether from the kiosk or hybrid work device of an airport, is now identity-inconvenienced, is constantly exposed, and is applied in real time from a single, cloud-country SASE platform. The Zero Trust is applied to every endpoint and interaction, which gives the Swissport flexibility to grow at that speed, serving its growing customer base.
Why is SASE Swissport’s Architectural overhaul
The decision of Swissport to adopt Sase Architecture underlines the importance of maintaining and maintaining real -time accountability, transparency and accuracy to maintain and enhance many of its customer relations worldwide. Excellence in global aviation services occurs when each operating unit has the required data. SASE Swissport helps in creating an integrated team liberation for excellent targets from customers.
The venturebeat benefits SASE beyond changing heritage systems with an integrated architecture. The faster and more accurate the data, the more business can reach distance offices and locations, keep them coordinated with broad teams and obtain maximum returns on invested capital (ROIC).
Venturebeat is still watching this drama in capital-intensive service businesses, where improving accountability and geographically united the diverse network has a direct impact on revenue. The SASE strategy of Core to Swissport is an integrated architecture that units more than 320, ensuring more secure, real-time communication in each location and network-wide.
In defining its SASE strategy, Swissport opted for a single, cloud-country sase platform. Gartner Notes have many advantages of this approach, including platform integration, simplified policy control and identity-inconvenience access that adapt in real time.
Swissport has worked proper hard work among all the Sase vendors who also offer zero trusts as a part of their architecture and chose Cato network For its single management aircraft, integrated data lakes, presence of global points (POPS) and software-defined wide area network (SD-W) ability to collapse and protect in an enforcement layer. Thorp told Venturebeat that an important inspiration to adopt the SASE platform was needed to move away from supporting multiple heritage platforms, each with its unique configuration. “Different platforms require separate configurations, which create a challenge to complex troubleshooting and safety enforcement,” Thorp said.
Ashton-Roberts said, “COTO’s TLS inspection provides us the ability to inspect encrypted traffic while avoiding unexpected service disruptions.” “This is a major improvement in our security currency.” Transport Layer Security (TLS) Inspection is central to maintain Swissport’s network and security infrastructure. Encrypting and decrying TLS and safe socket layer (SSL) traffic is necessary in the SASE infrastructure of Swissport, as it protects data and helps identify potential hazards. TLS inspection analyzes the content of each encrypted message to detect malware, data exfILTION, or other malicious activities that can be more harmful.
Five lessons learned from Swissport’s Sase Blown
While most enterprises are trying to integrate the safety service edge (SSE), SD-Waunts, and ZTNA together, Swissport selected everyone to go on platform consolidation with Kato to collapse its safety technical stack, standardized policy enforcement and embedded safety in network clothes directly.
Ashton-Roberts and Thorp told venturebeat that SASE is providing visibility, they need to run their global IT operation smoothly. At the same time, Zero Trust applies minimal privileges and protects assets, resources, and, most importantly, identification and roles of employees and customers on the network.
SASE Bloprint of Swissport consists of the following five principles:
- The detection of the end-to-end Zero Trust turns into immediate action. Swissport is implementing the zero trust at every edge and closing point. They have replaced Legacy VPN with a completely certified, fragmented and adaptive network fabric that scores continuously in every session for risk. “Within 15 minutes, our team identified excessive database traffic, blocked the device and restored normal operations – something that would take us the first day,” Thorp told Venturebeat.
- Global security becomes easier when the policy is integrated. The inheritance system of Swissport was a patchwork of multiprootocol labeled switching (MPLS) links, field-specific VPN and isolated firewalls, each built at different times and provided all inconsistent policy enforcement and continuous friction. Now, a single policy structure controls network access in Amazon Web Services (AWS), Microsoft Azure, Cloud SAAS applications and airport edge systems. There is no location-specific logic or manual drift, just real time control. Gartner The forecast is by 2027, 40% At least of the large enterprises, a zero trust network access (ZTNA) will adopt location-unknown enforcement in the form of baseline 10% In 2024. Swissport is already working on that model, leveling the complexity while increasing access.
- Real -time visibility is a business accelerating driving result and ROI. Legacy Systems left Swissport Blind for cross-domain hazards. It took days to correct the root cause with the response. Now, all traffic from airport terminals to cloud mother-in-law app is streamted in a single data lake that supports continuous, role-based access control (RBAC) and danger analytics. “This is incredibly easy to indicate connectivity issues, analyze traffic patterns and secure our network from a single interface,” Thorp said. As GartnerLess than half the vendors provide integrated observation in users, equipment and apps at all sides. Swissport built it in the foundation.
- Decry everything, do not interrupt anything: safe TLS on the scale. Encrypted traffic is a new blind spot. Many enterprises still bypass TLS inspection to avoid delay or application breakdown. Swissport chose differently. By deploying full inline TLS inspection in its backbone, the Swissport maintains visibility in encrypted dangers without disrupting the Mission-Critical Aviation System. Most SSE and ZTNA vendors still rely on partial decryption or bypass tunnels, according to the latest review of Gartner’s adaptive access capabilities. Swissport proved that complete inspection is also obtained in high-secular, high-availability environment.
- A SASE platform wins trade rapidly. Swissport did not add more vendors; They consolidated them. A SASE platform replaced a spread of SD-Wan devices, VPN concentrations and standalone safety devices. Result? Sites come online in hours, not the week. New users are immediately preserved. Policy changes are promoted globally in minutes. YesAarter Projects 65% All SD-WAN purchases will be bundled in single-sellers SASE platforms by 2027 20% In 2024. Swissport did not wait. He made the SAS baseline, not bolt-on, and it shows in their global agility.
