Carriers should look for a software provider with a data-first, cloud-based mentality, which means putting data security front and center. Customers’ security and data privacy should be taken seriously and follow the most stringent SOC 2 cloud-based storage regulations.
Leveraging data as efficiently as possible is essential for airlines to compete in an industry with ever-tightening margins. Airlines entrust their software providers with the use of massive volumes of confidential and proprietary data, and the way that data is treated – with the highest fidelity of data security and privacy – is of utmost importance.
How data is cared for can greatly depend on the local governance rules for the region in which the data is stored. Of course, as a carrier, you want the most stringent rules – without compromise. The best method is to find an experienced provider who can hand-pick specific combinations of data storage locations per airline customer to balance the need for data protection governance against performance and reliability.
How should customer data be protected?
When a software provider receives data, they should maintain full encryption at all times – both in situ and in transit.
There are two aspects to this data encryption strategy. One is protecting the data from the place of origin and destination so that only authorized recipients can access the content. At the same time, recipients can also be assured that the content is created by the senders they trust. Transmission of the data over the internet must be protected with industry-standard encryption so that no one else will be able to eavesdrop on the content.
Customer data should be stored in separate domains so that data is not commingling, never leveraging one customer’s data to use on another’s. Each customer data set must be kept securely in its own protected area, and the data should never be shared with other clients without their permission. There should never be a risk that an airline could give its vendor data and have it fall accidentally into a rival’s hands, for example, through human error.
Managing and protecting data in transit
The other part of the encryption strategy, called data in transit, protects the data when it is being moved from one place to another. In this instance, a software provider will use encryption along the way so there cannot be any eavesdropping on the line, for example. This ensures end-to-end encryption with the data at rest and data in transit. Nobody can eavesdrop on it and then pick up what the content is until it reaches a place within the provider’s four walls. Then it is decrypted and processed internally.
But not every airline software provider follows this stringent method of data protection. Many solutions are actually held in-house – also known as on-premise solutions. They are located within the airline itself, on the airline’s servers – they don’t move data around outside the airline – so data security is focused around internal employee access control.
It all comes back to the way a provider has built their cloud solution from the ground up, putting data security front and center. Only then can the front end deliver – with accuracy and authenticity – the most advanced revenue management and commercial insight solutions for airline customers.
By Steve Luk, Senior Director, Data Platform