Copa Airlines

Copa Airlines is a leading airline in Latin America and one of the most successful and profitable airlines in the world. The airline offers service to 80 destinations in 31 countries in North, Central, and South America and the Caribbean. Copa Airlines was founded in 1947 and began domestic operations to three cities in Panama shortly afterwards.

The airline is headquartered in Panama City, Panama, with its main Hub of the Americas^® at Tocumen International Airport. Over the years, Copa Airlines conceived and put into practice a strategy of quick and convenient connections, making Tocumen the leading connection center in Latin America today. The airline has more than 80 offices and points of sale worldwide, is a member of Star Alliance, and has codeshare agreements with United Airlines and other carriers.

Like most airlines, Copa Airlines has IT systems that are rooted in legacy technology. Over the last few years, the company has undergone an extensive digital transformation to stay ahead in the competitive airline industry and to expand passenger services. As they did, they needed to simultaneously improve data protection and bolster cybersecurity and compliance with modern security capabilities that would future proof the environment advancements they were making.

Achieving these objectives was made more challenging by the company’s complex IT environment, which includes up to 12,000 users (including outsourced personnel), 3,000 endpoints, and a hybrid cloud infrastructure with more than 400 servers. Moving to a DevOps environment also affected security needs. “DevOps challenges us to change our mindset about how we deploy security controls and protect data,” said Alex Tarte, IT security and risk manager and chief information security officer (CISO) at Copa Airlines.

"Trend Micro’s vision and products are aligned with our industry’s major challenges from both a customer and internal user perspective."

Alex Tarte
IT Security and Risk Manager/Chief
Information Security Officer, Copa Airlines

In 2003, Copa Airlines needed to more effectively secure its endpoints without stretching its small IT staff too thin, and Trend Micro OfficeScan solution fit the bill. Later, when the airline began its digital transformation, Trend Micro’s experience at securing hybrid and multicloud environments was a key factor in that decision, as was its ability to provide the airline with an integrated, easy-to-manage security environment. “There is no other security vendor that has all of those capabilities,” said Tarte. “Trend Micro’s vision and products are aligned with our industry’s major challenges from both a customer and internal user perspective.”

Over the years, there have been no major incidents, and this has encouraged the airline to expand the relationship. In addition to the superior value Tarte gets from Trend Micro solutions, he appreciates their ability to integrate with other products. “It’s an easy puzzle to put together. We can integrate our security controls without being too intrusive on the application development or DevOps life cycle,” said Tarte. “If we didn’t have that ease of use and the ability to integrate with third-party solutions, it would be harder for us to orchestrate our processes.”

Copa Airlines originally chose OfficeScan for its ability to provide robust security controls, including antivirus protection, from a single pane of glass. As it began migrating its primary website to AWS a few years ago, the airline adopted Trend Micro Deep Security to detect and protect against vulnerabilities, malware, and unauthorized changes across the hybrid cloud and to provide virtual patching capabilities.

Soon after, the airline added Trend Micro Deep Discovery Inspector to analyze and detect targeted attacks, and Smart Protection Complete to deliver multiple layers of security, including endpoint, email, and collaboration, and web security. Finally, it adopted Trend Micro TippingPoint solution to secure connections with third parties andvendors. “We have offices in 33 countries, and we work with different airports all over the world,” said Tarte. “TippingPoint protects our networks and gives us 100 percent visibility into what’s going on in all that data traffic.”

"With Trend Micro, we have all the security controls we need to protect our infrastructure."

Alex Tarte
IT Security and Risk Manager/Chief
Information Security Officer, Copa Airlines

Since implementing Trend Micro products, Copa Airlines has benefited from frictionless cybersecurity operations. OfficeScan, Deep Discovery Inspector, TippingPoint, and the other Trend Micro products work seamlessly together to protect the airline so that it can focus on expanding its customer services and sales channels. “With Trend Micro, we have all the security controls we need to protect our infrastructure,” said Tarte.

When a third-party company the airline works with was recently hit by a ransomware attack, TippingPoint alerted Copa Airlines’ IT team and automatically protected the airline’s networks to avoid any impact. Similarly, the airline uses Smart Protection Complete to protect its Office 365 applications, prevent phishing attacks, and bolstering internal controls to improve compliance. “Trend Micro has been with us all the way, implementing solutions and making sure we have a healthy infrastructure,” said Tarte.

The company will continue using containers, DevOps, serverless functions, and APIs to modernize its IT infrastructure, and it will rely on Trend Micro solutions to ensure maximum security and data protection. The airline is also looking to migrate to Trend Micro Apex One™ solution and adding Trend Micro™ Deep Security™ Smart Check for container image scanning, integrating with their DevOp tools.

“Those are major challenges for me, we will continue to integrate additional Trend Micro products and protection to mitigate those risks and cover the gaps,” said Tarte. “I’m a huge fan of Trend Micro.”