Case Study: Major U.S. Airline achieves PCI compliance and secure credential management with CyberArk

Major Airline Makes a Commitment to PCI Compliance and its Customers

A major U.S. airline with one of the country’s largest travel websites needed to address critical PCI-DSS requirements as its e-commerce business grew. The company was storing cardholder data to support bookings and relied on legacy back-end systems and hard‑coded, non‑expiring passwords that created audit failures, security risk and potential service disruption.

The airline deployed CyberArk’s Privileged Account Security Solution—including Enterprise Password Vault and Application Identity Manager—to centrally manage and rotate privileged and application credentials across Windows, UNIX and Oracle systems, and to remove hard‑coded passwords from app scripts. This allowed regular password changes without breaking transactions, satisfied auditors, achieved PCI compliance, reduced risk of fines and service disruption, and strengthened protection of customer data and the brand.