The Airport Principle: How to arrange your IT systems
Running a business, you are faced with frequent questions about your IT — things like: ‘What do we need our IT systems to do?’, ‘What software do we need?’ and ‘Is our cyber security strong enough?’
You not only have to work out whether you have all the systems and programmes you need, but you need to be sure they’re all working in harmony. It’s a lot for a busy person to try and get their head around, let alone implement. That’s why we recommend the Airport Principle.
What’s the Airport Principle? It’s a simple checklist to see if you have the systems you need, based on the processes you’ll encounter when you travel by air.
- Check-in (data storage)
- Sniffer dogs (Managed Detection and Response)
- Flight (cloud)
- Passport control (firewall)
- Air traffic control (team overseeing)
Here’s how it works.
Check-in – data storage
You arrive at the airport, and you hand over your belongings to the airline. They label it and it disappears on a conveyor. Why are you comfortable doing that? Because you trust that the system will look after your bags, put them on the right plane, and reunite you with them at the other end.
Your Malaga trip is ruined if you find out your bags are in Geneva and all you’ve got is a rubbish overnight bag from the airline. So, your first IT question needs to be ‘When we store our data, are we confident it’s safe, and we can get it back when we need it, in the same state we left it?’
Properly managed data means that your business decisions can be based on an accurate picture. Managing your data efficiently allows you to process more of it, and build a strategy around an even more detailed version of the truth which is invaluable at making well-informed commercial decisions.
Sniffer dogs – MDR
You will see the odd security professional walking a trained dog around the airport. As you know, those dogs are trained to sniff out explosives before they get anywhere near departures. The question is, do you have your own IT sniffer dogs?
Managed Detection and Response (MDR) actively hunts for threats and puts a stop to them before they can cause serious damage to the business. In the current cyber security skills crisis, a lot of businesses are outsourcing their protection, and relieving the burden on their remaining team members, who would otherwise have to spend 30 minutes dealing with each security alert, and 32 minutes addressing each false alarm.
You’re trying to get to the cafes, restaurants, shops, and bars before you have to board, but before that you’ve got to surrender your hand luggage, empty your pockets, take off your belt and shoes, and possibly get frisked by a less-than-gentle security operative. It’s not fun, but it’s not avoidable either, and you’ll do as the airport asks, or you’re not flying.
Your IT security can be equally frustrating for your teams. They probably don’t find multifactor authentication much fun, and don’t particularly appreciate frequent reminders that their password can’t be ‘p@ssw0rd’. The grumbles might not go away, but are you sure your team is following all of the rules and best practices?
The vast majority of data breaches are caused by human error. Various studies put the figure somewhere between 88% and 95%. Eliminate those lapses in your internal security, and you’ve eliminated all but a few of your breaches.
Air Traffic Control – Monitoring and Coordination
Without teams looking at the big picture, communicating with the other teams, anticipating challenges, advising and changing course as appropriate, it would be a matter of (a very short) time before something went seriously wrong at the airport.
In the same way, you will find that everything runs better, and your systems are safer, when someone is responsible for the strategy, is proactive about efficiency, and addresses weaknesses before they become crises. Finding this skill in-house can be difficult as often the day-to-day distractions take over.
The Flight – Cloud
Once an unthinkable subversion of nature, then a dangerous pursuit for eccentrics and daredevils, flight is now a routine commercial service. Just as you’d once never dream that data could be safe on the cloud, it’s now unusual not to use it. Why? Because it’s safe, efficient, cost-effective, and well-proven.
Now, the airline chooses its aeroplanes sensibly. They wouldn’t run a Southampton to Newcastle flight with an A380, or attempt a transatlantic crossing with an ATR 72. Similarly, you need to choose your cloud solution based on your business size, and how you’re going to use it. That’s where expert advice is invaluable — one size doesn’t fit all, and an experienced partner can find a solution that is tailored to you.
Passport control – Firewalls
When you get off the plane, there is one more step before you can get to arrivals — passport control. If you were a threat or you weren’t allowed in the country there’s still something to stop you, even if you’d made it that far.
In your systems, firewalls aren’t only to stop cyber threats getting in, they’re there to stop them getting all the way through. Without internal barriers, once a cyber criminal is in, they have free roam of the network. You need a way to contain them. 74% of businesses have firewalls that cover their whole network, including individual devices. Do you have the barriers you need to keep threats’ access and impact to a minimum?
Some airports run smoother than others, and businesses’ IT systems are the same. We design IT systems that are tailored to your business, and that transform productivity, efficiency, and security. We take the time to understand how you and your teams work, so that we can create a solution that truly complements your company culture and commercial goals.
Get your FREE IT security review and see if yours needs improving.