- Kim Dickie and her team at SFO were tasked with overhauling the airport's security infrastructure as passenger numbers rose. They saw the reopening of Terminal 2 as an opportunity to transition to a new credentialing and access management system.
- After reviewing options, they selected Quantum Secure's SAFE for Aviation software, which would integrate previously manual security processes and databases in a centralized system. However, Dickie still needed to justify the costs to senior management.
- The document discusses the challenges of SFO's existing fragmented security systems and processes. It describes how Quantum Secure's SAFE software aims to automate and streamline identity management, access control, and compliance through a single centralized system.
REVISED FEBRUARY 19, 2020
DANIEL DIERMEIER AND EVAN MEAGHER KEL720
San Francisco International Airport and
Quantum Secure’s SAFE for Aviation System:
Making the Business Case for Corporate Security
On January 22, 2008, Assistant Deputy Director of Aviation
Security Kim Dickie met with her
team in a conference room at San Francisco International
Airport (known by its three-letter airport
code, SFO) to review the challenge facing them.
Steadily rising passenger counts and the increasing launch of
service by low-cost carriers such
as Virgin America, Southwest Airlines, and JetBlue Airways
had compelled SFO’s Airport Director
John Martin to announce plans to renovate and reopen Terminal
2, shuttered in 2000 upon the
opening of SFO’s new international terminal. The $383 million
project would require new heating
and ventilation installations, energy-efficient architectural
design, and the construction of four
additional gates, but Dickie was focused on the security
infrastructure requirements.1 In addition,
Dickie’s boss, Henry Thompson, the Associate Deputy Airport
Director of Safety and Security, had
a mandate to overhaul the security infrastructure of the airport,
tightening loopholes around
employees and passenger security, airside operations, badge
credentialing, physical identity and
access management, as well as investing in technology,
automation, and intelligence to create a next-generation
model airport.
Dickie and her team saw the Terminal 2 reopening as an
opportunity to start a much-needed
transition to a long-term airport-wide credentialing and physical
identity and access management
(PIAM) system that would meet the growing need of airport
risks and comply with regulations from
the Transportation Security Administration (TSA).2 After
months of work, she and her team had
selected Quantum Secure’s SAFE for Aviation software suite as
the new Terminal 2 credentialing
system.
The infrastructure upgrades required by the renovation provided
both momentum and initial
support from senior executives, but Dickie still needed to
This document is authorized for use only by Qianrui yang in
Copy of MGMT 6140: Managing Digitization and
Transformation-1 taught by T Ravichandran, Rensselaer
Polytechnic Institute - Troy
from Aug 2022 to Feb 2023.
SFO AND QUANTUM SECURE KEL720
regulations. Dickie and her team had a small window of
opportunity to develop a business case that
would convince senior management to fund the purchase.
Airport Security
Security at SFO posed unique challenges. The most obvious was
the more than 100,000
passengers who used the facility’s ticketing and check-in lines,
security screens, gates, and baggage
claim every day. Less visible were the thousands of tenants,
vendors, airline personnel, and third-party
contractors who needed to be authenticated and whose
physical access rights had to be
controlled and managed dynamically based on their role and the
airport’s security policies.
Due to the vast array of security threats, managing the identities
of these people, their
credentials, and their physical access to facilities, all airports
were required to execute mission-critical
processes, which included:
- [...] security clearances for access to secured locations from the
  TSA, the Canadian Air Transport Security Authority (CATSA), or other
  relevant national transportation security governing bodies;
- [...] BASIC (Biometric Airport Security Identification Consortium)
  messaging integration to communicate with the Transportation
  Security Clearinghouse;
- [...] included the management and storage of related documents,
  such as a copy of a passport or I-9 form;
- [...] self-service access rights to allow approved parties to enroll
  their own employees and subcontractors and grant them physical
  access rights prior to their on-site arrival;
- [...] and enforcing new security directives like SD-1542-04-08G,
  which governed the security protocols for transient aircraft and
  after-hours operations, or SD-1542-04-08F, which required security
  threat assessments on a wider range of parties including pilots,
  baggage screeners, and other airport employees;
- [...] systems (PACS), human resources and information technology
  systems, and biometric employee databases so as to generate a
  common workflow and consistent policies across all systems;
- [...] detected and penalized, with penalties escalating with each
  subsequent violation; and
- [...]r people have the proper access for the proper reasons.
In principle, airports could have completed these processes by
creating a single notion of a user’s
identity for use across the entire facility and attaching that
identity to a set of access rules overseen
by aviation employees and airport tenants. This would have
established a unified policy paradigm
that issued credentials, managed rules, and modified or
retracted access when the role was changed
or terminated.
KELLOGG SCHOOL OF MANAGEMENT 2
For the exclusive use of Q. yang, 2022.
In actuality, however, each of these procedures was handled
separately, processed manually,
and the results entered into separate databases. This approach
led to numerous problems. For
example, there was no routine way to determine if an access
card had been successfully deactivated
after the termination of an airport worker, nor was there any
way to tell if an airport worker without
the required privileges had access to a restricted area. The
databases had different formats and file
types, so they could not communicate with each other or be
checked for internal consistency, so
updates lagged days or weeks behind actual changes such as
terminations. These challenges were
exacerbated by the fact that airport badging operators often
lacked understanding of the strategic
importance of following certain protocols and assessing risks.
This led to inefficiencies, delays, and
at times, compromised security levels.
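The consistency check that the separate databases described above could not support, as an added example (not code from the case study, SFO, or Quantum Secure). The two export formats, field names, zone names, role-to-zone policy, and all records are constructed assumptions; the script normalizes identifiers across both sources and flags active badges held by terminated workers, badges with no matching identity, and zones granted outside the holder's role.

```python
import csv
import io
from datetime import date, datetime

# Constructed sample exports. Field names, ID formats and zone names are
# assumptions for this example, not SFO's or Quantum Secure's schemas.
HR_CSV = """employee_id,name,role,termination_date
00417,A. Rivera,baggage_handler,
00532,B. Chen,retail_tenant,2008-01-04
00688,C. Okafor,ramp_agent,
"""

PACS_EXPORT = """BADGE|HOLDER|STATUS|ZONES
B-9001|417|ACTIVE|baggage_hall,airside_ramp
B-9002|532|ACTIVE|concourse_retail
B-9003|688|ACTIVE|airside_ramp,baggage_hall
B-9004|901|ACTIVE|concourse_retail
B-9005|532|DISABLED|concourse_retail
"""

# Hypothetical policy: the zones each role is allowed to hold.
ROLE_ZONES = {
    "baggage_handler": {"baggage_hall"},
    "ramp_agent": {"airside_ramp", "baggage_hall"},
    "retail_tenant": {"concourse_retail"},
}

def norm_id(raw):
    """Map '00417' (HR) and '417' (PACS) to the same numeric key."""
    return str(int(raw.strip()))

def load_hr(text):
    people = {}
    for row in csv.DictReader(io.StringIO(text)):
        term = row["termination_date"].strip()
        people[norm_id(row["employee_id"])] = {
            "role": row["role"],
            "terminated": datetime.strptime(term, "%Y-%m-%d").date() if term else None,
        }
    return people

def load_pacs(text):
    rows = csv.DictReader(io.StringIO(text), delimiter="|")
    return [{"badge": r["BADGE"], "holder": norm_id(r["HOLDER"]),
             "active": r["STATUS"] == "ACTIVE",
             "zones": set(filter(None, r["ZONES"].split(",")))} for r in rows]

def reconcile(hr, badges, as_of):
    """Return (badge, finding, detail) for every active badge that fails a check."""
    findings = []
    for b in badges:
        if not b["active"]:
            continue  # already deactivated, nothing to flag
        person = hr.get(b["holder"])
        if person is None:
            findings.append((b["badge"], "no_hr_identity", ""))
        elif person["terminated"] and person["terminated"] <= as_of:
            findings.append((b["badge"], "active_after_termination",
                             str(person["terminated"])))
        else:
            extra = b["zones"] - ROLE_ZONES.get(person["role"], set())
            if extra:
                findings.append((b["badge"], "zone_outside_role",
                                 ",".join(sorted(extra))))
    return findings

def run_sample():
    return reconcile(load_hr(HR_CSV), load_pacs(PACS_EXPORT), date(2008, 1, 22))

if __name__ == "__main__":
    for finding in run_sample():
        print(*finding, sep="\t")
```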
The disjointed execution of these processes—which were often
conducted out of sequence and
required additional resources for correction—undermined
airports’ operational efficiency. (See
Exhibits 1 and 2.) For example, one large international airport
took three weeks to register an
employee in the parking, payroll, human resources, and PACS
databases. “You’d go stand in this
huge line, and you’d get to the front of the line, and they would
say, ‘This isn’t right, come back
Tuesday to fill out new forms,’” said Ajay Jain, president and
CEO of Quantum Secure, a provider
of enterprise-wide security software solutions. “The wait was so
long that people were starting to
leave and just abandon these job offers, thereby creating heavy
strain on airport operations.”3
The challenges did not end once a new employee was registered
in the systems—any changes
to access permissions required that a massive spreadsheet be
printed and compared to the list used
at an access point to identify any additions, deletions, or
modifications. This inefficient, highly
manual, and error-prone process had been the status quo in the
physical access control world for
decades, but development of comprehensive software solutions
offered the prospect of integrating
and streamlining existing procedures.
Process automation not only promised improved efficiency,
speed, and cost, but also improved
compliance that could mitigate potentially serious legal and
reputational risks. “When you talk to a
higher-level audience and outline these issues at the CXO level,
that audience understands the
limitations there,” Jain said. “They know they’ve got major
compliance and risk issues to deal with,
and they’re asking, ‘How do I clean that up? How do I make
things accountable?’”4
Quantum Secure and SAFE
Founded in 2005 in San Jose, California, Quantum Secure was a
privately held provider of
software-based solutions and platforms for physical identity and
access management.
Quantum Secure’s core offering was the SAFE software suite, a
commercial off-the-shelf
solution that streamlined the identity management and access
provisioning processes for clients with
large facilities that required rigorous physical security and
access management procedures. SAFE
for Aviation enabled users to create a single notion of identity
across the entire airport that integrated
previously fragmented manual processes as well as biometrics.
This integration enabled security
3 Phone interview with Ajay Jain, February 22, 2011.
4 Ibid.
managers to create policies and general procedures for issuing
credentials and granting access to
airport facilities.
SAFE’s flexible system architecture and policy/rules-based
framework accommodated changes
and additions to rules, workflows, and policies without
programming, which meant that ever-changing
regulations and internal initiatives could be easily
incorporated without costly upkeep and
development charges. It also addressed “insider threats” by
continuously monitoring video and
marrying it with analytics of access behavior to identify
anomalies that could provide early warning
of any potential threats.
SAFE for Aviation integrated directly with the existing airport
security infrastructure, obviating
the need for costly replacement of existing security systems,
hardware, controllers, and other
products. The software integrated with all leading PACS,
training systems, TSA-mandated
background-check processes, and other airport-specific IT
systems, allowing disparate security
systems to act as a single unit. (See Exhibits 3 and 4.)
In 2008, Toronto Pearson International Airport deployed the
SAFE suite. Based on preliminary
results, the airport expected to meet the following goals:5
- [...] processing a badge by 28 percent, from $49 to $35;
- [...] minutes;
- [...] minutes to 25 minutes; and
- [...]l audit and compliance.
Bryan Scott, the Greater Toronto Airports Authority’s senior
manager of security
infrastructures, said, “. . . the PPCO [Pass/Permit Control
Office] serves an average of 175 clients
per day and more than 45,000 employees and contractors each
year for a wide variety of pass/permit
requests. We needed a system that could keep up with this
demand, ensuring that important staff
started work in a timely fashion while maintaining high levels
of customer satisfaction.”6
Selecting a Solution
With the announcement that SFO would be renovating Terminal
2 to accommodate increased
demand for gates from discount air carriers, Dickie’s team
needed to decide how to solve its PACS
challenges. For decades, SFO had relied on physical access
systems—the systems that opened and
closed doors—that were not designed to implement integrated
processes, such as policies related to
access grant or revocation, as well as the ability to manage
compliance with internal controls.
Although SFO had led the industry with the installation of
biometric technology at access
control doors in 1990, “it was very painful,” Dickie said. “We
desperately wanted to move away
from legacy manual processing to automating and streamlining
our credential issuance process. We
5 “Quantum Secure Deploys SAFE Software Suite for Toronto
Pearson International Airport,” PR Newswire, February 3, 2008,
http://www.prnewswire.com/news-releases/quantum-secure-deploys-safe-software-suite-for-toronto-pearson-international-airport-65658767.html.
6 Ibid.
were also thinking to rip and replace our old physical access
system at the same time.”7 Although
SFO had managed to stave off expensive hardware upgrades for
many years, the evolving demands
of physical security had required periodic software upgrades, a
marriage of new and old that was
not without occasional problems. The Terminal 2 renovation
project therefore came at an opportune
moment for Dickie’s team, as it presented an opportunity to
begin a migration to a new PACS on a
newly opened area of the airport that did not yet face the strain
of full everyday usage.8
Dickie first hired a systems integrator that shortlisted several
companies and managed the
request for proposal process before ultimately helping the team
select a newer PACS for Terminal
2. “We had a situation where we had a 20-year-old access
control system in place, and we wanted
to migrate off of it into a new platform, but we had to do it in a
phased manner due to bandwidth
constraints,” Dickie said. “Knowing that we were going to have
a newer and different PACS running
in Terminal 2 and the older PACS still running everywhere else
in the airport, we were looking for
a new badging solution that could interface with both and
provide us with a much-needed identity
and credential lifecycle management system—all at once.”9
This requirement meant that the badge provisioning software
would have to communicate with
the old and new PACS while being flexible enough to
accommodate new TSA directives and
interface with the newly deployed PACS. After a rigorous
examination of the options available,
Dickie and her team selected Quantum Secure’s SAFE for
Aviation product. They considered other
vendors, but felt that Quantum Secure offered the most
comprehensive solution and also provided a
robust audit and compliance system.
“We talked to all the various vendors, and then to other airports,
most of whom did not have a
separate badging system; they just badge through the physical
access control systems,” Dickie said.
“The badges that come out in the previous process have no
intelligence built in. After the physical
production of the badge, all processes from pre-enrollment of an
airport identity to badge assignment
to access management leading to termination of the access—all
processes are done manually with
lots of errors and no accountability. We knew Quantum Secure
had done work for Toronto, so we
called them and understood how Quantum’s technology is being
leveraged by them. They had three
PACS systems that they had to converge. We thought we had it
bad with two. We got a lot of positive
comments from Toronto and how they fully automated tough
manual processes, including audit and
compliance requirements. We placed a lot of importance on
Quantum’s ability and willingness to
service us and deliver airport-specific functionality and
enhancements as they became necessary,
because in the physical security world, especially with airports,
the goalposts are always moving.”10
Calculating Return on Investment
Dickie liked the operational aspects of the SAFE solution but
still had to convince senior SFO
executives that the tangible benefits justified the cost. Deciding
the right amount to spend to achieve
a given level of security was a challenging task, in large part
because serious breaches of security
were very rare but resulted in extremely painful consequences.
7 Interview with Kim Dickie, March 9, 2011.
8 Ibid.
9 Ibid.
10 Ibid.
2009    2010    2011    2012    2013
2,000   4,000   8,000   10,000  0
The team’s research identified benefits to SFO in five major
areas: reduced labor and material
costs, increased accuracy of recordkeeping, improved
compliance with safety regulations, and
avoided costs of replacing old systems by enabling integration
and interoperation.
Labor Costs
Quantum Secure supplied data about the impact of the SAFE
system on Toronto Pearson’s
badging process over the entire user lifecycle. Upon
implementing the SAFE system, Toronto
Pearson estimated that its automated, interconnected identity
management system would reduce the
need for duplicative data entry and streamline the
background-check process to onboard a new user.
As a result, the time to onboard a user would fall from 9.33 man
hours (560 minutes) to just 20
minutes.
Dickie saw this as a significant potential cost savings if SFO’s
own credentialing time could be
reduced from the more than six man hours it currently took. The
airport credentialed approximately
2,000 new users every year, a figure Dickie expected to grow by
approximately 10 percent for each
of the next five years (from 2009 to 2013), the timeframe used
by its finance department to calculate
the payback period for capital expenditures. Employees in the
SFO security department, who
performed the onboarding tasks, earned an average of $8 per
hour.
SAFE also enabled Toronto Pearson to increase the consistency
of data entry, which reduced ID
badge processing costs from $49 per card to $35 in the first
year, with the potential to decrease
further in subsequent years. SFO’s cost was approximately $44
per badge before implementing the
SAFE solution. Dickie knew this also could represent
significant cost savings for the 2,000 users
that would access Terminal 2 using the older PACS system in
2009, and the rest of SFO’s
approximately 20,000 users that ultimately would migrate to the
new system in Terminal 2 as it was
migrated across the rest of the airport in four equal tranches in
future years.
On average, identity management at SFO required
approximately 15 minutes of manual
processing per identity per year for each of the more than
20,000 identities. (Dickie expected this
number to grow by 5 percent annually for the next five years.)
Identity management consisted of
changing identity records, terminating identities, changing
access provisioning, replacing lost
badges, and renewing old badges. Automating these tasks with
SAFE was expected to reduce the
time required to complete them by as much as 35 percent, which
would not only increase the
productivity of security personnel but also prevent users from
experiencing long wait times.
Material Costs
The enhanced functionality of the new PACS at Terminal 2
required a new, more
technologically sophisticated badge for the 2,000 users
accessing the terminal in 2009. Without
SAFE, any users with access to both Terminal 2 and other parts
of the airport that still used the older
PACS infrastructure would have to carry a new badge for
Terminal 2 in addition to their old badge
for the rest of the airport. The old badges cost $2.00, while the
new badges for Terminal 2 cost $7.00.
Based on the planned rollout of the new PACS and gradual
replacement of the old PACS, Dickie
estimated the number of users that would need two badges over
time would be as follows:
By implementing SAFE technology from Quantum Secure,
however, SFO would eliminate the
need for duplicate badges, as SAFE could enable the newer
badges to continue working on the older
PACS system when those users accessed airport areas outside of
the Terminal 2 zone (which would
now use the newer PACS system). Approximately 8 percent of
SFO users’ ID cards were lost every
year, requiring replacement, and Dickie did not expect that this
would change.
Increased Accuracy of Recordkeeping
Because SAFE populated recurring fields such as social security
number, name, and address
across multiple pages and required certain fields to be
completed before moving to the next screen,
Dickie knew that one of its benefits would be far fewer missing
fields and mistyped information in
SFO’s user database. However, the team worried that it would
be difficult to place a dollar value on
greater information accuracy.
Dickie knew, however, that one tangible result of improved
accuracy would be a reduction in
the time to detect and correct errors across the airport’s various
databases. The badging department
reported that seven employees spent one full day each month
comparing user databases and
attempting to correct the errors they discovered. Toronto
Pearson had reported a 90 percent reduction
in this activity after its SAFE implementation; Dickie
anticipated that SFO’s systems and processes
were comparable to Toronto Pearson’s before its SAFE
implementation, but she estimated that 90
percent was an aggressive savings assumption and that SFO
would probably enjoy a slightly lower
level of savings.
Increased Compliance
According to Quantum Secure, the SAFE for Aviation solution
had improved Toronto Pearson’s
compliance with various regulatory safety standards by as much
as 60 percent, although it was
impossible to obtain accurate data across various categories. For
example, Toronto Pearson reported
a drop in accidental violations of the Canadian Air Transport
Security Authority’s restricted area
identification card program from 311 to 224 annually. Most of
the reduction stemmed from
eliminating violations resulting from users borrowing badges to
access areas for which they lacked
permission, a violation that could result in a fine of up to
$10,000 CAD (approximately $8,849 USD
at the time) per incident. SAFE