The client: Viva Airlines
In recent years, the aviation sector is one of the sectors that has worked the hardest to protect against cyber threats, as these are infrastructures considered critical worldwide. Cyber-attacks such as those suffered by EasyJet in 2020 or Air India in 2021 highlight the importance of protecting the sector internationally.
Viva is the leading low-cost airline in Colombia. It operates 44 domestic routes, five in Peru, and 10 routes to the United States, Mexico and Punta Cana. In its 9-year history it has transported more than 31 million passengers and in 2021 it made Medellín its official HUB for its domestic and international operations. Recognized for its proven biosecurity protocols, punctuality and for having one of the most modern fleets in Latin America with 20 Airbus 320 aircraft, Viva continues its path of expansion by introducing low-cost air travel wherever it operates.
Thanks to its expansion and growth, and together with the new group work philosophy with open space offices, there is a need to extend the security of endpoints outside the network perimeter, regardless of the location of the users. Thus, Viva looks after your cybersecurity and safeguards your information.
Challenge
Viva is in the process of growing and expanding its fleet, with the goal of opening 15 new international destinations in less than 3 years. In parallel, adapting to market changes and in response to this growth, the airline has joined efforts to support teleworking, in addition to reorganizing its offices following the concept of open space, trusting in cybersecurity and taking endpoints outside the network perimeter. It was therefore necessary for all devices to have the same level of security, regardless of where they are located.
«We posed this challenge to Sofistic with our days numbered. We had decided that our office in Medellin would be located in a co-working space, so we needed to secure the endpoints outside the network perimeter so that the devices would provide the same level of security regardless of where they were located»
Solutions
Detection of out-of-date software and complete threat visibility.
Thanks to the combination of the Microsoft Defender solution for endpoints and Microsoft Intune, out-of-date software can be detected and isolated, protecting clients from further cyber-attacks and gaining a full overview of threats.
Secure environment deployment
Also, taking into account that the company was using Microsoft Azure, it was a challenge to implement a series of configurations that would force teams to use this secure environment.
«We decided to leverage the technology that was there and took on further the services.»
With these solutions, Viva was able to manage and secure computers from the cloud, without the need for domain controllers or VPN connectivity. And the company was able to ensure full compliance with device browsing control, software update control and threat protection on more than 400 devices.
Fabian Ramos reports that the implementation was completed in three weeks, so they were able to successfully inaugurate their new office, where they shared infrastructure with other companies, meeting the deadline.
Results
«We now have employees working from different cities and countries with the security guarantees we required»
Future actions
Cybersecurity continues to be one of the most important challenges facing the aviation sector in in the coming years.
Major threats have to be dealt with.
As with other critical infrastructures, the type of attacks - increasingly sophisticated - has made it necessary to change the paradigm to try to reduce potential risks in multiple areas (physical infrastructure, cloud services, web services, etc.).
Anticipating potential cyber threats remains the best security policy. For this reason, it is necessary to perform a complete vulnerability analysis in order to focus on the adoption of specific technologies, always with the goal of protecting organizations actively and in real time.
