In Swissport’s world, strengthening safety and networking offers a chance to serve extra prospects and develop.
Swissport’s international IT operations began to reveal the strains of counting on legacy techniques for safety and networking, which had been shortly turning into a legal responsibility for the corporate. Senior administration may see that centralized visibility was a significant problem, which led them to take fast motion.
Swissport’s development outpaced its legacy techniques
The safety and networking challenges that Swissport confronted started to multiply as its enterprise growth accelerated. Legacy techniques had been hindering the power to serve prospects, safe international places and increase the enterprise. The senior administration staff advised VentureBeat that legacy techniques weren’t maintaining with the tempo of their enterprise, main the staff to contemplate new options, beginning with safe entry service edge (SASE).
In 2024, Swissport supplied floor companies for 247 million airline passengers, dealt with greater than 5 million tons of air freight at 117 cargo facilities and served airways at 279 airports in 45 nations throughout six continents. Because the world’s largest supplier of floor and cargo dealing with companies within the aviation business, a core a part of how Swissport excels for its prospects is connecting and securing its international IT operations. That’s desk stakes for a enterprise with over 26,000 customers, together with floor crew and distant employees.
“The biggest challenge wasn’t just visibility—it was consistency,” mentioned Giles Ashton-Roberts, Chief Data Safety Officer at Swissport. “We had to unify how we enforce security across hundreds of sites without slowing down the business.”
From fragmented infrastructure to SASE
“We’re truly a 24/7 business. It’s always peak time somewhere in the world, and we need to keep our network both secure and available,” Richard Thorp, Chief Know-how Officer at Swissport, advised VentureBeat in a current interview. “That means standardizing security and making sure every user and every device is covered—whether they’re in a coffee shop or on the tarmac.”
Legacy techniques weren’t scaling quick sufficient to maintain up with the fast growth tempo that Swissport was experiencing. Legacy techniques, together with the fragmented infrastructure on which they had been based mostly, had been slowing down development and creating potential safety and networking challenges. Swissport set formidable objectives to redefine its safety and networking stack, changing fractured digital non-public networks (VPNs), disparate home equipment and inconsistent coverage enforcement with a wholly new SASE structure.
“Before this change, we were managing different systems across different sites with different policies—and visibility was fragmented,” Thorp mentioned. “Now we operate under one set of security policies globally, and I can sleep at night knowing the environment is secure.”
Each connection, whether or not from an airport kiosk or a hybrid work system, is now identity-aware, repeatedly risk-scored, and enforced in real-time from a single, cloud-native SASE platform. Zero Belief is enforced on each endpoint and interplay, giving Swissport the pliability to develop on the tempo it must whereas serving its rising buyer base.
Why SASE is on the core of Swissport’s architectural overhaul
Swissport’s determination to undertake SASE structure underscores the significance of sustaining real-time responsiveness, transparency and accuracy to maintain and improve its quite a few buyer relationships worldwide. Excellence in international aviation companies happens when each working unit has the mandatory information. SASE helps Swissport create a unified staff galvanized to the frequent purpose of excelling on behalf of shoppers.
VentureBeat is seeing SASE ship advantages past changing legacy techniques with a unified structure. The quicker and extra correct the info, the extra a enterprise can attain distant workplaces and places, conserving them coordinated with broader groups and reaching a better return on invested capital (ROIC).
VentureBeat can also be seeing this play out throughout capital-intensive companies companies at the moment, the place enhancing responsiveness and unifying geographically numerous networks has a direct influence on income. Core to Swissport’s SASE technique is a unified structure that unites over 320 places, guaranteeing safer, real-time communications throughout every location and network-wide.
In defining its SASE technique, Swissport opted for a single, cloud-native SASE platform. Gartner notes there are a lot of advantages to this method, together with platform unification, simplified coverage management and identity-aware entry that adapts in real-time.
Swissport did their due diligence throughout all SASE distributors who additionally supply zero belief as part of their structure and selected Cato Networks for its single administration aircraft, unified information lake, international Factors of Presence (PoPs) and talent to break down software-defined extensive space community (SD-WAN) and safety into one enforcement layer. Thorp advised VentureBeat {that a} important motivation for adopting a SASE platform was the necessity to transfer away from supporting quite a few legacy platforms, every with its distinctive configuration. “Different platforms required different configurations, which complicated troubleshooting and made security enforcement a challenge,” mentioned Thorp.
“Cato’s TLS Inspection gives us the ability to inspect encrypted traffic while avoiding unintended service disruptions,” mentioned Ashton-Roberts. “It’s been a major improvement to our security posture.” Transport Layer Safety (TLS) inspection is central to sustaining Swissport’s community and safety infrastructure. Encrypting and decrypting TLS and safe sockets layer (SSL) visitors is important in Swissport’s SASE infrastructure, because it secures information and helps determine potential threats. TLS inspection analyzes the contents of each encrypted message to detect malware, information exfiltration, or different malicious actions that could possibly be extra damaging.
5 classes realized from Swissport’s SASE blueprint
Whereas most enterprises are attempting to combine safe service edge (SSE), SD-WAN, and ZTNA from a number of distributors collectively, Swissport selected to go all-in on platform consolidation with Cato to break down their safety tech stack, standardize coverage enforcement and embed safety straight into the community material.
Ashton-Roberts and Thorp advised VentureBeat that SASE is delivering the visibility they should hold their international IT operations operating easily. On the identical time, Zero Belief enforces the least privilege and protects property, assets, and, most significantly, the identities and roles of workers and prospects on the community.
Swissport’s SASE blueprint contains the next 5 rules:
Finish-to-end zero belief turns detection into instantaneous motion. Swissport is imposing Zero Belief throughout each edge and endpoint. They’ve changed legacy VPNs with a totally authenticated, segmented and adaptive community material that repeatedly scores each session for danger. “Within 15 minutes, our team identified excessive database traffic, blocked the device and restored normal operations—something that would’ve taken us days before,” Thorp advised VentureBeat.
World safety will get simpler when coverage is unified. Swissport’s legacy techniques had been a patchwork of multiprotocol label switching (MPLS) hyperlinks, region-specific VPNs and remoted firewalls, every created at totally different instances and all delivering inconsistent coverage enforcement and fixed friction. Now, a single coverage framework governs community entry throughout Amazon Net Providers (AWS), Microsoft Azure, cloud SaaS purposes and airport edge techniques. There’s no location-specific logic or guide drift, simply real-time management. Gartner forecasts that by 2027, 40% of enormous enterprises will undertake location-agnostic enforcement as a zero belief community entry (ZTNA) baseline, up from lower than 10% in 2024. Swissport is already working on that mannequin, flattening complexity whereas growing attain.
Actual-time visibility is a enterprise accelerator driving outcomes and ROI. Legacy techniques left Swissport blind to cross-domain threats. Correlating the basis trigger with the response took days. Now, all visitors, from airport terminals to cloud SaaS purposes, is streamed right into a single information lake that helps steady, role-based entry management (RBAC) and menace analytics. “It’s incredibly easy to pinpoint connectivity issues, analyze traffic patterns, and secure our network from a single interface,” Thorp mentioned. In line with Gartner, fewer than half of distributors present unified observability throughout customers, units and apps in any respect edges. Swissport constructed it into the muse.
Decrypt all the pieces, disrupt nothing: Safe TLS at scale. Encrypted visitors is the brand new blind spot. Many enterprises nonetheless bypass TLS inspection to keep away from latency or utility breakage. Swissport selected in another way. By deploying full inline TLS inspection throughout its spine, Swissport maintains visibility into encrypted threats with out disrupting mission-critical aviation techniques. Most SSE and ZTNA distributors nonetheless depend on partial decryption or bypass tunnels, in keeping with Gartner’s newest assessment of adaptive entry capabilities. Swissport proved full inspection is achievable even in high-sensitivity, high-availability environments.
A SASE platform drives quicker enterprise wins. Swissport didn’t add extra distributors; they consolidated them. A SASE platform changed a sprawl of SD-WAN home equipment, VPN concentrators, and standalone safety instruments. The consequence? Websites come on-line in hours, not weeks. New customers are protected immediately. Coverage modifications propagate globally in minutes. Gartner tasks that 65% of all SD-WAN purchases will probably be bundled into single-vendor SASE platforms by 2027, up from simply 20% in 2024. Swissport didn’t wait. They made SASE the baseline, not a bolt-on, and it exhibits of their international agility.
Every day insights on enterprise use instances with VB Every day
If you wish to impress your boss, VB Every day has you lined. We provide the inside scoop on what corporations are doing with generative AI, from regulatory shifts to sensible deployments, so you’ll be able to share insights for optimum ROI.
An error occured.
