Uploaded byhanneloremccaffery
DOCX, PDF30 views

[removed]REVISED FEBRUARY 19.docx

- Kim Dickie and her team at SFO were tasked with overhauling the airport's security infrastructure as passenger numbers rose. They saw the reopening of Terminal 2 as an opportunity to transition to a new credentialing and access management system. - After reviewing options, they selected Quantum Secure's SAFE for Aviation software, which would integrate previously manual security processes and databases in a centralized system. However, Dickie still needed to justify the costs to senior management. - The document discusses the challenges of SFO's existing fragmented security systems and processes. It describes how Quantum Secure's SAFE software aims to automate and streamline identity management, access control, and compliance through a single centralized system.

Embed presentation

Download to read offline
[removed] REVISED FEBRUARY 19, 2020 DANIEL DIERMEIER AND EVAN MEAGHER KEL720 San Francisco International Airport and Quantum Secure’s SAFE for Aviation System: Making the Business Case for Corporate Security On January 22, 2008, Assistant Deputy Director of Aviation Security Kim Dickie met with her team in a conference room at San Francisco International Airport (known by its three-letter airport code, SFO) to review the challenge facing them. Steadily rising passenger counts and the increasing launch of
service by low-cost carriers such as Virgin America, Southwest Airlines, and JetBlue Airways had compelled SFO’s Airport Director John Martin to announce plans to renovate and reopen Terminal 2, shuttered in 2000 upon the opening of SFO’s new international terminal. The $383 million project would require new heating and ventilation installations, energy-efficient architectural design, and the construction of four additional gates, but Dickie was focused on the security infrastructure requirements.1 In addition, Dickie’s boss, Henry Thompson, the Associate Deputy Airport Director of Safety and Security, had a mandate to overhaul the security infrastructure of the airport, tightening loopholes around employees and passenger security, airside operations, badge credentialing, physical identity and access management, as well as investing in technology, automation, and intelligence to create a next- generation model airport. Dickie and her team saw the Terminal 2 reopening as an opportunity to start a much-needed transition to a long-term airport-wide credentialing and physical identity and access management (PIAM) system that would meet the growing need of airport risks and comply with regulations from the Transportation Security Administration (TSA).2 After months of work, she and her team had selected Quantum Secure’s SAFE for Aviation software suite as the new Terminal 2 credentialing system. The infrastructure upgrades required by the renovation provided both momentum and initial support from senior executives, but Dickie still needed to
justify a state-of-the-art airport credentialing system that would address airport security risks while complying with TSA 1 “SFO Eyes Old Terminal for Expansion,” Oakland Tribune, September 10, 2007; “SFO Airport Awards Contract to Upgrade Old Int’l Terminal,” Aviation Daily, May 19, 2008. 2 The Transportation Security Administration is the U.S. governmental agency responsible for air travel security. It was created after the 9/11 attacks as part of the U.S. Department of Homeland Security. See http://www.tsa.gov. ©2013, 2020 by the Kellogg School of Management at Northwestern University. This case was developed with support from the December 2009 graduates of the Executive MBA Program (EMP-76). This case was prepared by Evan Meagher ’09 under the supervision of Professor Daniel Diermeier. Cases are developed solely as the basis for class discussion. Cases are not intended to serve as endorsements, sources of primary data, or illustrations of effective or ineffective management. To order copies or request permission to reproduce materials, call 800-545-7685 (or 617-783-7600 outside the United States or Canada) or e-mail [email protected] No part of this publication may be reproduced, stored in a retrieval system, used in a spreadsheet, or transmitted in any form or by any means—electronic, mechanical, photocopying, recording, or otherwise—without the permission of Kellogg Case Publishing. For the exclusive use of Q. yang, 2022.
This document is authorized for use only by Qianrui yang in Copy of MGMT 6140: Managing Digitization and Transformation-1 taught by T Ravichandran, Rensselaer Polytechnic Institute - Troy from Aug 2022 to Feb 2023. mailto:[email protected] http://www.tsa.gov SFO AND QUANTUM SECURE KEL720 regulations. Dickie and her team had a small window of opportunity to develop a business case that would convince senior management to fund the purchase. Airport Security Security at SFO posed unique challenges. The most obvious was the more than 100,000
passengers who used the facility’s ticketing and check-in lines, security screens, gates, and baggage claim every day. Less visible were the thousands of tenants, vendors, airline personnel, and third- party contractors who needed to be authenticated and whose physical access rights had to be controlled and managed dynamically based on their role and the airport’s security policies. Due to the vast array of security threats, managing the identities of these people, their credentials, and their physical access to facilities, all airports were required to execute mission- critical processes, which included: security clearances for access to secured locations from the TSA, the Canadian Air Transport Security Authority (CATSA), or other relevant national transportation security governing bodies; BASIC (Biometric Airport Security Identification Consortium) messaging integration to communicate with the Transportation Security Clearinghouse; included the management and storage of related documents, such as a copy of a passport or I-9 form; -service access rights to allow approved parties to enroll their own employees and subcontractors and grant them physical access
rights prior to their on-site arrival; nd enforcing new security directives like SD-1542-04-08G, which governed the security protocols for transient aircraft and after- hours operations, or SD- 1542-04-08F, which required security threat assessments on a wider range of parties including pilots, baggage screeners, and other airport employees; systems (PACS), human resources and information technology systems, and biometric employee databases so as to generate a common workflow and consistent policies across all systems; detected and penalized, with penalties escalating with each subsequent violation; and r people have the proper access for the proper reasons. In principle, airports could have completed these processes by creating a single notion of a user’s identity for use across the entire facility and attaching that identity to a set of access rules overseen by aviation employees and airport tenants. This would have established a unified policy paradigm that issued credentials, managed rules, and modified or retracted access when the role was changed or terminated.
KELLOGG SCHOOL OF MANAGEMENT 2 For the exclusive use of Q. yang, 2022. This document is authorized for use only by Qianrui yang in Copy of MGMT 6140: Managing Digitization and Transformation-1 taught by T Ravichandran, Rensselaer Polytechnic Institute - Troy from Aug 2022 to Feb 2023. KEL720 SFO AND QUANTUM SECURE In actuality, however, each of these procedures was handled separately, processed manually, and the results entered into separate databases. This approach led to numerous problems. For
example, there was no routine way to determine if an access card had been successfully deactivated after the termination of an airport worker, nor was there any way to tell if an airport worker without the required privileges had access to a restricted area. The databases had different formats and file types, so they could not communicate with each other or be checked for internal consistency, so updates lagged days or weeks behind actual changes such as terminations. These challenges were exacerbated by the fact that airport badging operators often lacked understanding of the strategic importance of following certain protocols and assessing risks. This led to inefficiencies, delays, and at times, compromised security levels. The disjointed execution of these processes—which were often conducted out of sequence and required additional resources for correction—undermined airports’ operational efficiency. (See Exhibits 1 and 2.) For example, one large international airport took three weeks to register an employee in the parking, payroll, human resources, and PACS databases. “You’d go stand in this huge line, and you’d get to the front of the line, and they would say, ‘This isn’t right, come back Tuesday to fill out new forms,’” said Ajay Jain, president and CEO of Quantum Secure, a provider of enterprise-wide security software solutions. “The wait was so long that people were starting to leave and just abandon these job offers, thereby creating heavy strain on airport operations.”3 The challenges did not end once a new employee was registered in the systems—any changes to access permissions required that a massive spreadsheet be
printed and compared to the list used at an access point to identify any additions, deletions, or modifications. This inefficient, highly manual, and error-prone process had been the status quo in the physical access control world for decades, but development of comprehensive software solutions offered the prospect of integrating and streamlining existing procedures. Process automation not only promised improved efficiency, speed, and cost, but also improved compliance that could mitigate potentially serious legal and reputational risks. “When you talk to a higher-level audience and outline these issues at the CXO level, that audience understands the limitations there,” Jain said. “They know they’ve got major compliance and risk issues to deal with, and they’re asking, ‘How do I clean that up? How do I make things accountable?’”4 Quantum Secure and SAFE Founded in 2005 in San Jose, California, Quantum Secure was a privately held provider of software-based solutions and platforms for physical identity and access management. Quantum Secure’s core offering was the SAFE software suite, a commercial off-the-shelf solution that streamlined the identity management and access provisioning processes for clients with large facilities that required rigorous physical security and access management procedures. SAFE for Aviation enabled users to create a single notion of identity across the entire airport that integrated previously fragmented manual processes as well as biometrics.
This integration enabled security 3 Phone interview with Ajay Jain, February 22, 2011. 4 Ibid. KELLOGG SCHOOL OF MANAGEMENT 3 For the exclusive use of Q. yang, 2022. This document is authorized for use only by Qianrui yang in Copy of MGMT 6140: Managing Digitization and Transformation-1 taught by T Ravichandran, Rensselaer Polytechnic Institute - Troy from Aug 2022 to Feb 2023. SFO AND QUANTUM SECURE KEL720
managers to create policies and general procedures for issuing credentials and granting access to airport facilities. SAFE’s flexible system architecture and policy/rules-based framework accommodated changes and additions to rules, workflows, and policies without programming, which meant that ever- changing regulations and internal initiatives could be easily incorporated without costly upkeep and development charges. It also addressed “insider threats” by continuously monitoring video and marrying it with analytics of access behavior to identify anomalies that could provide early warning of any potential threats. SAFE for Aviation integrated directly with the existing airport security infrastructure, obviating the need for costly replacement of existing security systems, hardware, controllers, and other products. The software integrated with all leading PACS, training systems, TSA-mandated background-check processes, and other airport-specific IT systems, allowing disparate security systems to act as a single unit. (See Exhibits 3 and 4.) In 2008, Toronto Pearson International Airport deployed the SAFE suite. Based on preliminary results, the airport expected to meet the following goals:5 ssing a badge by 28 percent, from $49 to $35; minutes;
minutes to 25 minutes; and l audit and compliance. Bryan Scott, the Greater Toronto Airports Authority’s senior manager of security infrastructures, said, “. . . the PPCO [Pass/Permit Control Office] serves an average of 175 clients per day and more than 45,000 employees and contractors each year for a wide variety of pass/permit requests. We needed a system that could keep up with this demand, ensuring that important staff started work in a timely fashion while maintaining high levels of customer satisfaction.”6 Selecting a Solution With the announcement that SFO would be renovating Terminal 2 to accommodate increased demand for gates from discount air carriers, Dickie’s team needed to decide how to solve its PACS challenges. For decades, SFO had relied on physical access systems—the systems that opened and closed doors—that were not designed to implement integrated
processes, such as policies related to access grant or revocation, as well as the ability to manage compliance with internal controls. Although SFO had led the industry with the installation of biometric technology at access control doors in 1990, “it was very painful,” Dickie said. “We desperately wanted to move away from legacy manual processing to automating and streamlining our credential issuance process. We 5 “Quantum Secure Deploys SAFE Software Suite for Toronto Pearson International Airport,” PR Newswire, February 3, 2008, http://www.prnewswire.com/news-releases/quantum-secure- deploys-safe-software-suite-for-toronto-pearson-international- airport- 65658767.html. 6 Ibid. KELLOGG SCHOOL OF MANAGEMENT 4 For the exclusive use of Q. yang, 2022. This document is authorized for use only by Qianrui yang in Copy of MGMT 6140: Managing Digitization and
Transformation-1 taught by T Ravichandran, Rensselaer Polytechnic Institute - Troy from Aug 2022 to Feb 2023. http://www.prnewswire.com/news-releases/quantum-secure- deploys-safe-software-suite-for-toronto-pearson-international- airport
KEL720 SFO AND QUANTUM SECURE were also thinking to rip and replace our old physical access system at the same time.”7 Although SFO had managed to stave off expensive hardware upgrades for many years, the evolving demands of physical security had required periodic software upgrades, a marriage of new and old that was not without occasional problems. The Terminal 2 renovation project therefore came at an opportune moment for Dickie’s team, as it presented an opportunity to begin a migration to a new PACS on a newly opened area of the airport that did not yet face the strain of full everyday usage.8 Dickie first hired a systems integrator that shortlisted several companies and managed the request for proposal process before ultimately helping the team select a newer PACS for Terminal 2. “We had a situation where we had a 20-year-old access control system in place, and we wanted to migrate off of it into a new platform, but we had to do it in a phased manner due to bandwidth constraints,” Dickie said. “Knowing that we were going to have a newer and different PACS running
in Terminal 2 and the older PACS still running everywhere else in the airport, we were looking for a new badging solution that could interface with both and provide us with a much-needed identity and credential lifecycle management system—all at once.”9 This requirement meant that the badge provisioning software would have to communicate with the old and new PACS while being flexible enough to accommodate new TSA directives and interface with the newly deployed PACS. After a rigorous examination of the options available, Dickie and her team selected Quantum Secure’s SAFE for Aviation product. They considered other vendors, but felt that Quantum Secure offered the most comprehensive solution and also provided a robust audit and compliance system. “We talked to all the various vendors, and then to other airports, most of whom did not have a separate badging system; they just badge through the physical access control systems,” Dickie said. “The badges that come out in the previous process have no intelligence built in. After the physical production of the badge, all processes from pre-enrollment of an
airport identity to badge assignment to access management leading to termination of the access—all processes are done manually with lots of errors and no accountability. We knew Quantum Secure had done work for Toronto, so we called them and understood how Quantum’s technology is being leveraged by them. They had three PACS systems that they had to converge. We thought we had it bad with two. We got a lot of positive comments from Toronto and how they fully automated tough manual processes, including audit and compliance requirements. We placed a lot of importance on Quantum’s ability and willingness to service us and deliver airport-specific functionality and enhancements as they became necessary, because in the physical security world, especially with airports, the goalposts are always moving.”10 Calculating Return on Investment Dickie liked the operational aspects of the SAFE solution but still had to convince senior SFO executives that the tangible benefits justified the cost. Deciding the right amount to spend to achieve a given level of security was a challenging task, in large part
because serious breaches of security were very rare but resulted in extremely painful consequences. 7 Interview with Kim Dickie, March 9, 2011. 8 Ibid. 9 Ibid. 10 Ibid. KELLOGG SCHOOL OF MANAGEMENT 5 For the exclusive use of Q. yang, 2022. This document is authorized for use only by Qianrui yang in Copy of MGMT 6140: Managing Digitization and Transformation-1 taught by T Ravichandran, Rensselaer Polytechnic Institute - Troy from Aug 2022 to Feb 2023.
2009 2010 2011 2012 2013 2,000 4,000 8,000 10,000 0 SFO AND QUANTUM SECURE KEL720 The team’s research identified benefits to SFO in five major areas: reduced labor and material costs, increased accuracy of recordkeeping, improved compliance with safety regulations, and avoided costs of replacing old systems by enabling integration and interoperation. Labor Costs Quantum Secure supplied data about the impact of the SAFE system on Toronto Pearson’s
badging process over the entire user lifecycle. Upon implementing the SAFE system, Toronto Pearson estimated that its automated, interconnected identity management system would reduce the need for duplicative data entry and streamline the background- check process to onboard a new user. As a result, the time to onboard a user would fall from 9.33 man hours (560 minutes) to just 20 minutes. Dickie saw this as a significant potential cost savings if SFO’s own credentialing time could be reduced from the more than six man hours it currently took. The airport credentialed approximately 2,000 new users every year, a figure Dickie expected to grow by approximately 10 percent for each of the next five years (from 2009 to 2013), the timeframe used by its finance department to calculate the payback period for capital expenditures. Employees in the SFO security department, who performed the onboarding tasks, earned an average of $8 per hour. SAFE also enabled Toronto Pearson to increase the consistency of data entry, which reduced ID
badge processing costs from $49 per card to $35 in the first year, with the potential to decrease further in subsequent years. SFO’s cost was approximately $44 per badge before implementing the SAFE solution. Dickie knew this also could represent significant cost savings for the 2,000 users that would access Terminal 2 using the older PACS system in 2009, and the rest of SFO’s approximately 20,000 users that ultimately would migrate to the new system in Terminal 2 as it was migrated across the rest of the airport in four equal tranches in future years. On average, identity management at SFO required approximately 15 minutes of manual processing per identity per year for each of the more than 20,000 identities. (Dickie expected this number to grow by 5 percent annually for the next five years.) Identity management consisted of changing identity records, terminating identities, changing access provisioning, replacing lost badges, and renewing old badges. Automating these tasks with SAFE was expected to reduce the time required to complete them by as much as 35 percent, which would not only increase the
productivity of security personnel but also prevent users from experiencing long wait times. Material Costs The enhanced functionality of the new PACS at Terminal 2 required a new, more technologically sophisticated badge for the 2,000 users accessing the terminal in 2009. Without SAFE, any users with access to both Terminal 2 and other parts of the airport that still used the older PACS infrastructure would have to carry a new badge for Terminal 2 in addition to their old badge for the rest of the airport. The old badges cost $2.00, while the new badges for Terminal 2 cost $7.00. Based on the planned rollout of the new PACS and gradual replacement of the old PACS, Dickie estimated the number of users that would need two badges over time would be as follows: KELLOGG SCHOOL OF MANAGEMENT 6 For the exclusive use of Q. yang, 2022. This document is authorized for use only by Qianrui yang in
Copy of MGMT 6140: Managing Digitization and Transformation-1 taught by T Ravichandran, Rensselaer Polytechnic Institute - Troy from Aug 2022 to Feb 2023.
KEL720 SFO AND QUANTUM SECURE By implementing SAFE technology from Quantum Secure, however, SFO would eliminate the need for duplicate badges, as SAFE could enable the newer badges to continue working on the older PACS system when those users accessed airport areas outside of the Terminal 2 zone (which would now use the newer PACS system). Approximately 8 percent of SFO users’ ID cards were lost every year, requiring replacement, and Dickie did not expect that this would change. Increased Accuracy of Recordkeeping Because SAFE populated recurring fields such as social security number, name, and address across multiple pages and required certain fields to be completed before moving to the next screen, Dickie knew that one of its benefits would be far fewer missing fields and mistyped information in SFO’s user database. However, the team worried that it would be difficult to place a dollar value on greater information accuracy.
Dickie knew, however, that one tangible result of improved accuracy would be a reduction in the time to detect and correct errors across the airport’s various databases. The badging department reported that seven employees spent one full day each month comparing user databases and attempting to correct the errors they discovered. Toronto Pearson had reported a 90 percent reduction in this activity after its SAFE implementation; Dickie anticipated that SFO’s systems and processes were comparable to Toronto Pearson’s before its SAFE implementation, but she estimated that 90 percent was an aggressive savings assumption and that SFO would probably enjoy a slightly lower level of savings. Increased Compliance According to Quantum Secure, the SAFE for Aviation solution had improved Toronto Pearson’s compliance with various regulatory safety standards by as much as 60 percent, although it was impossible to obtain accurate data across various categories. For example, Toronto Pearson reported
a drop in accidental violations of the Canadian Air Transport Security Authority’s restricted area identification card program from 311 to 224 annually. Most of the reduction stemmed from eliminating violations resulting from users borrowing badges to access areas for which they lacked permission, a violation that could result in a fine of up to $10,000 CAD (approximately $8,849 USD at the time) per incident. SAFE

More Related Content

PPT
Airline security new
byRawad Abdul Rahim
 
PPTX
Airport planning part 2 -erau webinar
byERAUWebinars
 
PDF
5. airport security and facilitation.pdf
byirenepafra
 
PPTX
Chpt 5 commercial airport avsec
bycarlinclarke
 
PPTX
AIRPORT SECURITY
byHafiz M. Hassan Ali
 
PDF
Networked security has arrived - Ericsson Review
byEricsson France
 
PDF
Networked security has arrived - Ericsson Review
byremoved_3df3fefc273c69d52eae6da8b8d647a6
 
PDF
Airport Entry Management Systems and Security
byMestizo Enterprises
 
Airline security new
byRawad Abdul Rahim
 
Airport planning part 2 -erau webinar
byERAUWebinars
 
5. airport security and facilitation.pdf
byirenepafra
 
Chpt 5 commercial airport avsec
bycarlinclarke
 
AIRPORT SECURITY
byHafiz M. Hassan Ali
 
Networked security has arrived - Ericsson Review
byEricsson France
 
Networked security has arrived - Ericsson Review
byremoved_3df3fefc273c69d52eae6da8b8d647a6
 
Airport Entry Management Systems and Security
byMestizo Enterprises
 

Similar to [removed]REVISED FEBRUARY 19.docx

PDF
Improving Emerging Technology and Processes from the Regulator and Industry P...
bylkatc
 
PPTX
Security Aspects in Aviation Sector
bySanjeev Sinha PMI-PBA®, CSM®
 
PPT
Biometric
byMustafaMI
 
PDF
Case Study Oslo Airport
byQognify
 
DOCX
AAI (Airports Authority of India) Report
byLokesh Negi
 
PDF
CISA-Exam-Prep-Domain-5-2019.pdf. CISA exam
bygregtap1
 
PDF
Transportation Security Administration "TSA 101"
byTSA
 
PPTX
Aviation Security Challenges: Practical Solutions
byProfessional Aviation Services
 
PPTX
Aviation security challenges: practical solutions
byhttps://logisticscompanies.co.za
 
PPT
Ben Rothke Aoa 2008 Biometrics
byBen Rothke
 
DOCX
275Terrorism, Airport Security, and the Private Sector.docx
byvickeryr87
 
DOCX
Running head Fiber Optic SecurityFiber Op.docx
bywlynn1
 
PDF
NEC Public Safety | Digital Identity for a Secured World
byNEC Public Safety
 
PDF
Using biometric technology to facilitate airport security - November 2015
byRockwell Collins | ARINC airports
 
DOC
Annotated bib
bybekahpars
 
PDF
IDGA’s Aviation Security Summit
bycassie111
 
PDF
New Technologies for Airport Security
byBala2212
 
PDF
WP82 Physical Security in Mission Critical Facilities
bySE_NAM_Training
 
PPTX
Legal Issues in New IT @ Airports - SITA
byStephen H. Baird
 
PDF
Asia Pacific AVSEC 2012
byAndrea Hoymann
 
Improving Emerging Technology and Processes from the Regulator and Industry P...
bylkatc
 
Security Aspects in Aviation Sector
bySanjeev Sinha PMI-PBA®, CSM®
 
Biometric
byMustafaMI
 
Case Study Oslo Airport
byQognify
 
AAI (Airports Authority of India) Report
byLokesh Negi
 
CISA-Exam-Prep-Domain-5-2019.pdf. CISA exam
bygregtap1
 
Transportation Security Administration "TSA 101"
byTSA
 
Aviation Security Challenges: Practical Solutions
byProfessional Aviation Services
 
Aviation security challenges: practical solutions
byhttps://logisticscompanies.co.za
 
Ben Rothke Aoa 2008 Biometrics
byBen Rothke
 
275Terrorism, Airport Security, and the Private Sector.docx
byvickeryr87
 
Running head Fiber Optic SecurityFiber Op.docx
bywlynn1
 
NEC Public Safety | Digital Identity for a Secured World
byNEC Public Safety
 
Using biometric technology to facilitate airport security - November 2015
byRockwell Collins | ARINC airports
 
Annotated bib
bybekahpars
 
IDGA’s Aviation Security Summit
bycassie111
 
New Technologies for Airport Security
byBala2212
 
WP82 Physical Security in Mission Critical Facilities
bySE_NAM_Training
 
Legal Issues in New IT @ Airports - SITA
byStephen H. Baird
 
Asia Pacific AVSEC 2012
byAndrea Hoymann
 

More from hanneloremccaffery

DOCX
© 2016 Laureate Education, Inc. Page 1 of 3 RWRCOEL Prof.docx
byhanneloremccaffery
 
DOCX
·         Bakit Di gaanong kaganda ang pagturo sa UST sa panahon.docx
byhanneloremccaffery
 
DOCX
© 2020 Cengage Learning®. May not be scanned, copied or duplic.docx
byhanneloremccaffery
 
DOCX
© 2017 Cengage Learning. All Rights Reserved.Chapter Twelve.docx
byhanneloremccaffery
 
DOCX
[Type here]Ok. This school makes me confused. The summary of t.docx
byhanneloremccaffery
 
DOCX
© 2022 Post University, ALL RIGHTS RESERVED Due Date.docx
byhanneloremccaffery
 
DOCX
•POL201 •Discussions •Week 5 - DiscussionVoter and Voter Tu.docx
byhanneloremccaffery
 
DOCX
•Langbein, L. (2012). Public program evaluation A statistical guide.docx
byhanneloremccaffery
 
DOCX
•Chapter 10 Do you think it is possible for an outsider to accura.docx
byhanneloremccaffery
 
DOCX
`Inclusiveness. The main.docx
byhanneloremccaffery
 
DOCX
^ Acadumy of Management Journal2001. Vol. 44. No. 2. 219-237.docx
byhanneloremccaffery
 
DOCX
__MACOSXSujan Poster._CNA320 Poster Presentation rubric.pdf.docx
byhanneloremccaffery
 
DOCX
·YOUR INDIVIDUAL PAPER IS ARGUMENTATIVE OR POSITIONAL(Heal.docx
byhanneloremccaffery
 
DOCX
·Write a 750- to 1,Write a 750- to 1,200-word paper that.docx
byhanneloremccaffery
 
DOCX
{DiscriminationGENERAL DISCRIMINATI.docx
byhanneloremccaffery
 
DOCX
•Focus on two or three things in the Mesopotamian andor Ovids ac.docx
byhanneloremccaffery
 
DOCX
`HISTORY 252AEarly Modern Europe from 1500 to 1815Dr. Burton .docx
byhanneloremccaffery
 
DOCX
 Explain how firms can benefit from forecastingexchange rates .docx
byhanneloremccaffery
 
DOCX
•No less than 4 pages causal argument researched essay •In.docx
byhanneloremccaffery
 
DOCX
~UEER THEORY AND THE JEWISH QUESTI01 Daniel Boyarin, Da.docx
byhanneloremccaffery
 
© 2016 Laureate Education, Inc. Page 1 of 3 RWRCOEL Prof.docx
byhanneloremccaffery
 
·         Bakit Di gaanong kaganda ang pagturo sa UST sa panahon.docx
byhanneloremccaffery
 
© 2020 Cengage Learning®. May not be scanned, copied or duplic.docx
byhanneloremccaffery
 
© 2017 Cengage Learning. All Rights Reserved.Chapter Twelve.docx
byhanneloremccaffery
 
[Type here]Ok. This school makes me confused. The summary of t.docx
byhanneloremccaffery
 
© 2022 Post University, ALL RIGHTS RESERVED Due Date.docx
byhanneloremccaffery
 
•POL201 •Discussions •Week 5 - DiscussionVoter and Voter Tu.docx
byhanneloremccaffery
 
•Langbein, L. (2012). Public program evaluation A statistical guide.docx
byhanneloremccaffery
 
•Chapter 10 Do you think it is possible for an outsider to accura.docx
byhanneloremccaffery
 
`Inclusiveness. The main.docx
byhanneloremccaffery
 
^ Acadumy of Management Journal2001. Vol. 44. No. 2. 219-237.docx
byhanneloremccaffery
 
__MACOSXSujan Poster._CNA320 Poster Presentation rubric.pdf.docx
byhanneloremccaffery
 
·YOUR INDIVIDUAL PAPER IS ARGUMENTATIVE OR POSITIONAL(Heal.docx
byhanneloremccaffery
 
·Write a 750- to 1,Write a 750- to 1,200-word paper that.docx
byhanneloremccaffery
 
{DiscriminationGENERAL DISCRIMINATI.docx
byhanneloremccaffery
 
•Focus on two or three things in the Mesopotamian andor Ovids ac.docx
byhanneloremccaffery
 
`HISTORY 252AEarly Modern Europe from 1500 to 1815Dr. Burton .docx
byhanneloremccaffery
 
 Explain how firms can benefit from forecastingexchange rates .docx
byhanneloremccaffery
 
•No less than 4 pages causal argument researched essay •In.docx
byhanneloremccaffery
 
~UEER THEORY AND THE JEWISH QUESTI01 Daniel Boyarin, Da.docx
byhanneloremccaffery
 

Recently uploaded

PDF
FAMILY ASSESSMENT FORMAT - CHN practical
byDr. Sudhadevi Sadanandan
 
PDF
Ketogenic diet in Epilepsy in children..
bymirzasania0810
 
PPTX
Details of Muscular-and-Nervous-Tissues.pptx
byAshish Umale
 
PDF
Projecte de la porta de la classe de primer A: Mar i cel.
byeduardrubio1
 
PDF
All Students Workshop 25 Yoga Wellness by LDMMIA
by©LDMMIA, ©Reiki Yoga
 
PDF
The Pity of War: Form, Fragment, and the Artificial Echo | Understanding War ...
byNidhi Pandya
 
PDF
Projecte de la porta d'i5B: Els animals marins
byeduardrubio1
 
PDF
NAVIGATE PHARMACY CAREER OPPORTUNITIES.pdf
byMd. Zakaria Faruki
 
PDF
Models of Teaching - TNTEU - B.Ed I Semester - Teaching and Learning - BD1TL ...
byDr Raja Mohammed T
 
PPTX
10-12-2025 Francois Staring How can Researchers and Initial Teacher Educators...
byEduSkills OECD
 
PPTX
CHAPTER NO.08 HCP BY GG CLINICAL PHARMACY
byGanu Gavade
 
PPTX
TAMIS & TEMS - HOW, WHY and THE STEPS IN PROCTOLOGY
byJohn Thanakumar
 
PPTX
The Cell & Cell Cycle-detailed structure and function of organelles.pptx
byAshish Umale
 
PDF
Digital Wellness in University Communities: Libraries as Guardians of Healthy...
bySylvester Ebhonu
 
PPTX
Semester 6 unit 2 Atopic dermatitis.pptx
bysachin7989
 
PPTX
Campfens "The Data Qualify Challenge: Publishers, institutions, and funders r...
byNational Information Standards Organization (NISO)
 
PDF
DHA/HAAD/MOH/DOH OPTOMETRY MCQ PYQ. .pdf
byAnmol Singh
 
PPTX
Accounting Skills Paper-II (Registers of PACs and Credit Co-operative Societies)
byDr. Sushil Bansode
 
PDF
1ST APPLICATION FOR ANNULMENT (4)8787666.pdf
bykonstantinantountoum1
 
PDF
APM Wessex Network: DEIB Policy into Practice
byAssociation for Project Management
 
FAMILY ASSESSMENT FORMAT - CHN practical
byDr. Sudhadevi Sadanandan
 
Ketogenic diet in Epilepsy in children..
bymirzasania0810
 
Details of Muscular-and-Nervous-Tissues.pptx
byAshish Umale
 
Projecte de la porta de la classe de primer A: Mar i cel.
byeduardrubio1
 
All Students Workshop 25 Yoga Wellness by LDMMIA
by©LDMMIA, ©Reiki Yoga
 
The Pity of War: Form, Fragment, and the Artificial Echo | Understanding War ...
byNidhi Pandya
 
Projecte de la porta d'i5B: Els animals marins
byeduardrubio1
 
NAVIGATE PHARMACY CAREER OPPORTUNITIES.pdf
byMd. Zakaria Faruki
 
Models of Teaching - TNTEU - B.Ed I Semester - Teaching and Learning - BD1TL ...
byDr Raja Mohammed T
 
10-12-2025 Francois Staring How can Researchers and Initial Teacher Educators...
byEduSkills OECD
 
CHAPTER NO.08 HCP BY GG CLINICAL PHARMACY
byGanu Gavade
 
TAMIS & TEMS - HOW, WHY and THE STEPS IN PROCTOLOGY
byJohn Thanakumar
 
The Cell & Cell Cycle-detailed structure and function of organelles.pptx
byAshish Umale
 
Digital Wellness in University Communities: Libraries as Guardians of Healthy...
bySylvester Ebhonu
 
Semester 6 unit 2 Atopic dermatitis.pptx
bysachin7989
 
Campfens "The Data Qualify Challenge: Publishers, institutions, and funders r...
byNational Information Standards Organization (NISO)
 
DHA/HAAD/MOH/DOH OPTOMETRY MCQ PYQ. .pdf
byAnmol Singh
 
Accounting Skills Paper-II (Registers of PACs and Credit Co-operative Societies)
byDr. Sushil Bansode
 
1ST APPLICATION FOR ANNULMENT (4)8787666.pdf
bykonstantinantountoum1
 
APM Wessex Network: DEIB Policy into Practice
byAssociation for Project Management
 

[removed]REVISED FEBRUARY 19.docx

  • 1.
    [removed] REVISED FEBRUARY 19,2020 DANIEL DIERMEIER AND EVAN MEAGHER KEL720 San Francisco International Airport and Quantum Secure’s SAFE for Aviation System: Making the Business Case for Corporate Security On January 22, 2008, Assistant Deputy Director of Aviation Security Kim Dickie met with her team in a conference room at San Francisco International Airport (known by its three-letter airport code, SFO) to review the challenge facing them. Steadily rising passenger counts and the increasing launch of
  • 2.
    service by low-costcarriers such as Virgin America, Southwest Airlines, and JetBlue Airways had compelled SFO’s Airport Director John Martin to announce plans to renovate and reopen Terminal 2, shuttered in 2000 upon the opening of SFO’s new international terminal. The $383 million project would require new heating and ventilation installations, energy-efficient architectural design, and the construction of four additional gates, but Dickie was focused on the security infrastructure requirements.1 In addition, Dickie’s boss, Henry Thompson, the Associate Deputy Airport Director of Safety and Security, had a mandate to overhaul the security infrastructure of the airport, tightening loopholes around employees and passenger security, airside operations, badge credentialing, physical identity and access management, as well as investing in technology, automation, and intelligence to create a next- generation model airport. Dickie and her team saw the Terminal 2 reopening as an opportunity to start a much-needed transition to a long-term airport-wide credentialing and physical identity and access management (PIAM) system that would meet the growing need of airport risks and comply with regulations from the Transportation Security Administration (TSA).2 After months of work, she and her team had selected Quantum Secure’s SAFE for Aviation software suite as the new Terminal 2 credentialing system. The infrastructure upgrades required by the renovation provided both momentum and initial support from senior executives, but Dickie still needed to
  • 3.
    justify a state-of-the-artairport credentialing system that would address airport security risks while complying with TSA 1 “SFO Eyes Old Terminal for Expansion,” Oakland Tribune, September 10, 2007; “SFO Airport Awards Contract to Upgrade Old Int’l Terminal,” Aviation Daily, May 19, 2008. 2 The Transportation Security Administration is the U.S. governmental agency responsible for air travel security. It was created after the 9/11 attacks as part of the U.S. Department of Homeland Security. See http://www.tsa.gov. ©2013, 2020 by the Kellogg School of Management at Northwestern University. This case was developed with support from the December 2009 graduates of the Executive MBA Program (EMP-76). This case was prepared by Evan Meagher ’09 under the supervision of Professor Daniel Diermeier. Cases are developed solely as the basis for class discussion. Cases are not intended to serve as endorsements, sources of primary data, or illustrations of effective or ineffective management. To order copies or request permission to reproduce materials, call 800-545-7685 (or 617-783-7600 outside the United States or Canada) or e-mail [email protected] No part of this publication may be reproduced, stored in a retrieval system, used in a spreadsheet, or transmitted in any form or by any means—electronic, mechanical, photocopying, recording, or otherwise—without the permission of Kellogg Case Publishing. For the exclusive use of Q. yang, 2022.
  • 4.
    This document isauthorized for use only by Qianrui yang in Copy of MGMT 6140: Managing Digitization and Transformation-1 taught by T Ravichandran, Rensselaer Polytechnic Institute - Troy from Aug 2022 to Feb 2023. mailto:[email protected] http://www.tsa.gov SFO AND QUANTUM SECURE KEL720 regulations. Dickie and her team had a small window of opportunity to develop a business case that would convince senior management to fund the purchase. Airport Security Security at SFO posed unique challenges. The most obvious was the more than 100,000
  • 5.
    passengers who usedthe facility’s ticketing and check-in lines, security screens, gates, and baggage claim every day. Less visible were the thousands of tenants, vendors, airline personnel, and third- party contractors who needed to be authenticated and whose physical access rights had to be controlled and managed dynamically based on their role and the airport’s security policies. Due to the vast array of security threats, managing the identities of these people, their credentials, and their physical access to facilities, all airports were required to execute mission- critical processes, which included: security clearances for access to secured locations from the TSA, the Canadian Air Transport Security Authority (CATSA), or other relevant national transportation security governing bodies; BASIC (Biometric Airport Security Identification Consortium) messaging integration to communicate with the Transportation Security Clearinghouse; included the management and storage of related documents, such as a copy of a passport or I-9 form; -service access rights to allow approved parties to enroll their own employees and subcontractors and grant them physical access
  • 6.
    rights prior totheir on-site arrival; nd enforcing new security directives like SD-1542-04-08G, which governed the security protocols for transient aircraft and after- hours operations, or SD- 1542-04-08F, which required security threat assessments on a wider range of parties including pilots, baggage screeners, and other airport employees; systems (PACS), human resources and information technology systems, and biometric employee databases so as to generate a common workflow and consistent policies across all systems; detected and penalized, with penalties escalating with each subsequent violation; and r people have the proper access for the proper reasons. In principle, airports could have completed these processes by creating a single notion of a user’s identity for use across the entire facility and attaching that identity to a set of access rules overseen by aviation employees and airport tenants. This would have established a unified policy paradigm that issued credentials, managed rules, and modified or retracted access when the role was changed or terminated.
  • 7.
    KELLOGG SCHOOL OFMANAGEMENT 2 For the exclusive use of Q. yang, 2022. This document is authorized for use only by Qianrui yang in Copy of MGMT 6140: Managing Digitization and Transformation-1 taught by T Ravichandran, Rensselaer Polytechnic Institute - Troy from Aug 2022 to Feb 2023. KEL720 SFO AND QUANTUM SECURE In actuality, however, each of these procedures was handled separately, processed manually, and the results entered into separate databases. This approach led to numerous problems. For
  • 8.
    example, there wasno routine way to determine if an access card had been successfully deactivated after the termination of an airport worker, nor was there any way to tell if an airport worker without the required privileges had access to a restricted area. The databases had different formats and file types, so they could not communicate with each other or be checked for internal consistency, so updates lagged days or weeks behind actual changes such as terminations. These challenges were exacerbated by the fact that airport badging operators often lacked understanding of the strategic importance of following certain protocols and assessing risks. This led to inefficiencies, delays, and at times, compromised security levels. The disjointed execution of these processes—which were often conducted out of sequence and required additional resources for correction—undermined airports’ operational efficiency. (See Exhibits 1 and 2.) For example, one large international airport took three weeks to register an employee in the parking, payroll, human resources, and PACS databases. “You’d go stand in this huge line, and you’d get to the front of the line, and they would say, ‘This isn’t right, come back Tuesday to fill out new forms,’” said Ajay Jain, president and CEO of Quantum Secure, a provider of enterprise-wide security software solutions. “The wait was so long that people were starting to leave and just abandon these job offers, thereby creating heavy strain on airport operations.”3 The challenges did not end once a new employee was registered in the systems—any changes to access permissions required that a massive spreadsheet be
  • 9.
    printed and comparedto the list used at an access point to identify any additions, deletions, or modifications. This inefficient, highly manual, and error-prone process had been the status quo in the physical access control world for decades, but development of comprehensive software solutions offered the prospect of integrating and streamlining existing procedures. Process automation not only promised improved efficiency, speed, and cost, but also improved compliance that could mitigate potentially serious legal and reputational risks. “When you talk to a higher-level audience and outline these issues at the CXO level, that audience understands the limitations there,” Jain said. “They know they’ve got major compliance and risk issues to deal with, and they’re asking, ‘How do I clean that up? How do I make things accountable?’”4 Quantum Secure and SAFE Founded in 2005 in San Jose, California, Quantum Secure was a privately held provider of software-based solutions and platforms for physical identity and access management. Quantum Secure’s core offering was the SAFE software suite, a commercial off-the-shelf solution that streamlined the identity management and access provisioning processes for clients with large facilities that required rigorous physical security and access management procedures. SAFE for Aviation enabled users to create a single notion of identity across the entire airport that integrated previously fragmented manual processes as well as biometrics.
  • 10.
    This integration enabledsecurity 3 Phone interview with Ajay Jain, February 22, 2011. 4 Ibid. KELLOGG SCHOOL OF MANAGEMENT 3 For the exclusive use of Q. yang, 2022. This document is authorized for use only by Qianrui yang in Copy of MGMT 6140: Managing Digitization and Transformation-1 taught by T Ravichandran, Rensselaer Polytechnic Institute - Troy from Aug 2022 to Feb 2023. SFO AND QUANTUM SECURE KEL720
  • 11.
    managers to createpolicies and general procedures for issuing credentials and granting access to airport facilities. SAFE’s flexible system architecture and policy/rules-based framework accommodated changes and additions to rules, workflows, and policies without programming, which meant that ever- changing regulations and internal initiatives could be easily incorporated without costly upkeep and development charges. It also addressed “insider threats” by continuously monitoring video and marrying it with analytics of access behavior to identify anomalies that could provide early warning of any potential threats. SAFE for Aviation integrated directly with the existing airport security infrastructure, obviating the need for costly replacement of existing security systems, hardware, controllers, and other products. The software integrated with all leading PACS, training systems, TSA-mandated background-check processes, and other airport-specific IT systems, allowing disparate security systems to act as a single unit. (See Exhibits 3 and 4.) In 2008, Toronto Pearson International Airport deployed the SAFE suite. Based on preliminary results, the airport expected to meet the following goals:5 ssing a badge by 28 percent, from $49 to $35; minutes;
  • 12.
    minutes to 25minutes; and l audit and compliance. Bryan Scott, the Greater Toronto Airports Authority’s senior manager of security infrastructures, said, “. . . the PPCO [Pass/Permit Control Office] serves an average of 175 clients per day and more than 45,000 employees and contractors each year for a wide variety of pass/permit requests. We needed a system that could keep up with this demand, ensuring that important staff started work in a timely fashion while maintaining high levels of customer satisfaction.”6 Selecting a Solution With the announcement that SFO would be renovating Terminal 2 to accommodate increased demand for gates from discount air carriers, Dickie’s team needed to decide how to solve its PACS challenges. For decades, SFO had relied on physical access systems—the systems that opened and closed doors—that were not designed to implement integrated
  • 13.
    processes, such aspolicies related to access grant or revocation, as well as the ability to manage compliance with internal controls. Although SFO had led the industry with the installation of biometric technology at access control doors in 1990, “it was very painful,” Dickie said. “We desperately wanted to move away from legacy manual processing to automating and streamlining our credential issuance process. We 5 “Quantum Secure Deploys SAFE Software Suite for Toronto Pearson International Airport,” PR Newswire, February 3, 2008, http://www.prnewswire.com/news-releases/quantum-secure- deploys-safe-software-suite-for-toronto-pearson-international- airport- 65658767.html. 6 Ibid. KELLOGG SCHOOL OF MANAGEMENT 4 For the exclusive use of Q. yang, 2022. This document is authorized for use only by Qianrui yang in Copy of MGMT 6140: Managing Digitization and
  • 14.
    Transformation-1 taught byT Ravichandran, Rensselaer Polytechnic Institute - Troy from Aug 2022 to Feb 2023. http://www.prnewswire.com/news-releases/quantum-secure- deploys-safe-software-suite-for-toronto-pearson-international- airport
  • 15.
    KEL720 SFO ANDQUANTUM SECURE were also thinking to rip and replace our old physical access system at the same time.”7 Although SFO had managed to stave off expensive hardware upgrades for many years, the evolving demands of physical security had required periodic software upgrades, a marriage of new and old that was not without occasional problems. The Terminal 2 renovation project therefore came at an opportune moment for Dickie’s team, as it presented an opportunity to begin a migration to a new PACS on a newly opened area of the airport that did not yet face the strain of full everyday usage.8 Dickie first hired a systems integrator that shortlisted several companies and managed the request for proposal process before ultimately helping the team select a newer PACS for Terminal 2. “We had a situation where we had a 20-year-old access control system in place, and we wanted to migrate off of it into a new platform, but we had to do it in a phased manner due to bandwidth constraints,” Dickie said. “Knowing that we were going to have a newer and different PACS running
  • 16.
    in Terminal 2and the older PACS still running everywhere else in the airport, we were looking for a new badging solution that could interface with both and provide us with a much-needed identity and credential lifecycle management system—all at once.”9 This requirement meant that the badge provisioning software would have to communicate with the old and new PACS while being flexible enough to accommodate new TSA directives and interface with the newly deployed PACS. After a rigorous examination of the options available, Dickie and her team selected Quantum Secure’s SAFE for Aviation product. They considered other vendors, but felt that Quantum Secure offered the most comprehensive solution and also provided a robust audit and compliance system. “We talked to all the various vendors, and then to other airports, most of whom did not have a separate badging system; they just badge through the physical access control systems,” Dickie said. “The badges that come out in the previous process have no intelligence built in. After the physical production of the badge, all processes from pre-enrollment of an
  • 17.
    airport identity tobadge assignment to access management leading to termination of the access—all processes are done manually with lots of errors and no accountability. We knew Quantum Secure had done work for Toronto, so we called them and understood how Quantum’s technology is being leveraged by them. They had three PACS systems that they had to converge. We thought we had it bad with two. We got a lot of positive comments from Toronto and how they fully automated tough manual processes, including audit and compliance requirements. We placed a lot of importance on Quantum’s ability and willingness to service us and deliver airport-specific functionality and enhancements as they became necessary, because in the physical security world, especially with airports, the goalposts are always moving.”10 Calculating Return on Investment Dickie liked the operational aspects of the SAFE solution but still had to convince senior SFO executives that the tangible benefits justified the cost. Deciding the right amount to spend to achieve a given level of security was a challenging task, in large part
  • 18.
    because serious breachesof security were very rare but resulted in extremely painful consequences. 7 Interview with Kim Dickie, March 9, 2011. 8 Ibid. 9 Ibid. 10 Ibid. KELLOGG SCHOOL OF MANAGEMENT 5 For the exclusive use of Q. yang, 2022. This document is authorized for use only by Qianrui yang in Copy of MGMT 6140: Managing Digitization and Transformation-1 taught by T Ravichandran, Rensselaer Polytechnic Institute - Troy from Aug 2022 to Feb 2023.
  • 19.
    2009 2010 20112012 2013 2,000 4,000 8,000 10,000 0 SFO AND QUANTUM SECURE KEL720 The team’s research identified benefits to SFO in five major areas: reduced labor and material costs, increased accuracy of recordkeeping, improved compliance with safety regulations, and avoided costs of replacing old systems by enabling integration and interoperation. Labor Costs Quantum Secure supplied data about the impact of the SAFE system on Toronto Pearson’s
  • 20.
    badging process overthe entire user lifecycle. Upon implementing the SAFE system, Toronto Pearson estimated that its automated, interconnected identity management system would reduce the need for duplicative data entry and streamline the background- check process to onboard a new user. As a result, the time to onboard a user would fall from 9.33 man hours (560 minutes) to just 20 minutes. Dickie saw this as a significant potential cost savings if SFO’s own credentialing time could be reduced from the more than six man hours it currently took. The airport credentialed approximately 2,000 new users every year, a figure Dickie expected to grow by approximately 10 percent for each of the next five years (from 2009 to 2013), the timeframe used by its finance department to calculate the payback period for capital expenditures. Employees in the SFO security department, who performed the onboarding tasks, earned an average of $8 per hour. SAFE also enabled Toronto Pearson to increase the consistency of data entry, which reduced ID
  • 21.
    badge processing costsfrom $49 per card to $35 in the first year, with the potential to decrease further in subsequent years. SFO’s cost was approximately $44 per badge before implementing the SAFE solution. Dickie knew this also could represent significant cost savings for the 2,000 users that would access Terminal 2 using the older PACS system in 2009, and the rest of SFO’s approximately 20,000 users that ultimately would migrate to the new system in Terminal 2 as it was migrated across the rest of the airport in four equal tranches in future years. On average, identity management at SFO required approximately 15 minutes of manual processing per identity per year for each of the more than 20,000 identities. (Dickie expected this number to grow by 5 percent annually for the next five years.) Identity management consisted of changing identity records, terminating identities, changing access provisioning, replacing lost badges, and renewing old badges. Automating these tasks with SAFE was expected to reduce the time required to complete them by as much as 35 percent, which would not only increase the
  • 22.
    productivity of securitypersonnel but also prevent users from experiencing long wait times. Material Costs The enhanced functionality of the new PACS at Terminal 2 required a new, more technologically sophisticated badge for the 2,000 users accessing the terminal in 2009. Without SAFE, any users with access to both Terminal 2 and other parts of the airport that still used the older PACS infrastructure would have to carry a new badge for Terminal 2 in addition to their old badge for the rest of the airport. The old badges cost $2.00, while the new badges for Terminal 2 cost $7.00. Based on the planned rollout of the new PACS and gradual replacement of the old PACS, Dickie estimated the number of users that would need two badges over time would be as follows: KELLOGG SCHOOL OF MANAGEMENT 6 For the exclusive use of Q. yang, 2022. This document is authorized for use only by Qianrui yang in
  • 23.
    Copy of MGMT6140: Managing Digitization and Transformation-1 taught by T Ravichandran, Rensselaer Polytechnic Institute - Troy from Aug 2022 to Feb 2023.
  • 24.
    KEL720 SFO ANDQUANTUM SECURE By implementing SAFE technology from Quantum Secure, however, SFO would eliminate the need for duplicate badges, as SAFE could enable the newer badges to continue working on the older PACS system when those users accessed airport areas outside of the Terminal 2 zone (which would now use the newer PACS system). Approximately 8 percent of SFO users’ ID cards were lost every year, requiring replacement, and Dickie did not expect that this would change. Increased Accuracy of Recordkeeping Because SAFE populated recurring fields such as social security number, name, and address across multiple pages and required certain fields to be completed before moving to the next screen, Dickie knew that one of its benefits would be far fewer missing fields and mistyped information in SFO’s user database. However, the team worried that it would be difficult to place a dollar value on greater information accuracy.
  • 25.
    Dickie knew, however,that one tangible result of improved accuracy would be a reduction in the time to detect and correct errors across the airport’s various databases. The badging department reported that seven employees spent one full day each month comparing user databases and attempting to correct the errors they discovered. Toronto Pearson had reported a 90 percent reduction in this activity after its SAFE implementation; Dickie anticipated that SFO’s systems and processes were comparable to Toronto Pearson’s before its SAFE implementation, but she estimated that 90 percent was an aggressive savings assumption and that SFO would probably enjoy a slightly lower level of savings. Increased Compliance According to Quantum Secure, the SAFE for Aviation solution had improved Toronto Pearson’s compliance with various regulatory safety standards by as much as 60 percent, although it was impossible to obtain accurate data across various categories. For example, Toronto Pearson reported
  • 26.
    a drop inaccidental violations of the Canadian Air Transport Security Authority’s restricted area identification card program from 311 to 224 annually. Most of the reduction stemmed from eliminating violations resulting from users borrowing badges to access areas for which they lacked permission, a violation that could result in a fine of up to $10,000 CAD (approximately $8,849 USD at the time) per incident. SAFE