A leading global airline arrives ahead of schedule at cloud computing PCI DSS compliance, thanks to Sumo Logic’s Cloud SIEM solution

With an illustrious history dating back nearly a century to the dawn of commercial aviation, the airline company has maintained a dedicated mission to achieve the highest standards of safety and reliability. The company continues to earn trust with its customers and in the industry by doing things the right way and delivering on its commitments every day. The airline’s obligations to its customers extend far beyond the travel experience to include safeguarding their personal and financial details. Not surprisingly, with more than 162 million revenue passengers in 2019 alone, the company processes an enormous amount of credit card transactions each day. In fact, the Payment Card Industry Security Standards Council (PCI SSC) – a widely respected financial standards body – designates the airline company as a Level 1 merchant, its highest ranking. This means that the airline is subject to the most stringent PCI Data Security Standard (PCI DSS) stipulations, which includes 12 requirements for monitoring and maintaining a secure cardholder data environment.

As part of its ongoing commitment to innovation, a leading global airline company embarked on a major initiative that—when fully completed–would entail moving hundreds of applications to the cloud. However, essential to this initiative was the need for the company’s nascent cloud platforms to first attain compliance with the highly demanding PCI Data Security Standard. Failing to achieve this milestone would endanger the company’s entire digital transformation efforts. The airline company always seeks new methods for leveraging technology to support its drive for innovation and efficiencies. These objectives were instrumental in the company’s executive mandate to adopt a cloud-first strategy for its systems and applications. For example, the airline made major investments in Amazon Web Services (AWS), Microsoft Azure, Office 365, and SharePoint. Kubernetes also features prominently in the company’s portfolio. To date, the airline has deployed approximately five, major solutions to the cloud, underpinning critical functions, such as baggage tracking and carry-on monitoring. While that’s an impressive number, there are still hundreds of other applications to migrate. Regardless of the exact cloud vs. on-premise blend of the airline’s systems and applications, one overarching fact remains: the company is obligated to adhere to its rigorous PCI DSS regulations at all times. This reality means that the airline must constantly scrutinize its entire operating landscape to uncover any security risks to its cardholder data that could jeopardize the company’s cloud computing business strategy.

In an effort to supplant earlier attempts that fell short of the company’s objectives, the airline company standardized on Sumo Logic’s Cloud Security Information and Event Management (SIEM) solution, while concurrently adopting a far-reaching set of supporting procedures and best practices. The airline’s infrastructure team carried out a proof of value (POV) and completed it in four weeks spread across approximately four months. The airline selected Sumo Logic based on a combination of factors that included: Cloud-native solution, Speed to PCI DSS compliance, Ease of configuration and administration, Data ingestion, Reference accounts, Cost effectiveness, and Pre-sales support. Upon POV completion, the airline instantly converted its evaluation environment to production. Simultaneously, the company began ingesting machine data from additional AWS data sources, such as SNS notifications. Earning PCI DSS compliance for its cloud architecture was the airline’s initial rationale for picking Sumo Logic—a milestone attained when the airline went to production, within four months of beginning the POV. Sumo Logic’s Cloud SIEM solution has proven to be popular with up to 30 active users distributed across a broad range of specializations, including colleagues from the Cloud Security, Architecture, Incident Response, and Threat Monitoring/Analysis teams. By centralizing the airline’s security-related raw log data into a centralized, consistent repository, Sumo Logic is producing dramatically lower quantities of false positive security alerts. The company has also uncovered multiple, supplemental use cases for its Sumo Logic investment, such as correlation and automated workflows. The airline is taking this opportunity to establish overarching machine data-oriented policies and procedures for its application teams to follow, which is providing an important foundation for a DevSecOps culture to take root.

• Sumo Logic’s Cloud SIEM solution has proven to be popular with up to 30 active users distributed across a broad range of specializations, including colleagues from the Cloud Security, Architecture, Incident Response, and Threat Monitoring/Analysis teams.
• By centralizing the airline’s security-related raw log data into a centralized, consistent repository, Sumo Logic is producing dramatically lower quantities of false positive security alerts.
• The company has also uncovered multiple, supplemental use cases for its Sumo Logic investment, such as correlation and automated workflows.
• The airline is taking this opportunity to establish overarching machine data-oriented policies and procedures for its application teams to follow, which is providing an important foundation for a DevSecOps culture to take root.
• Sumo Logic has been a reliable, trusted partner for the airline on its journey to the cloud. The account team conducted multiple training and certification sessions for all types of users, as well as assisting the company to incorporate machine data from new data sources.

• The airline reached its PCI readiness goals far more quickly than anticipated.
• The airline went to production within four months of beginning the POV.
• The airline still has more than 200 on-premise applications that it plans to transition to the cloud.