Suspended Air

Terrorist attacks force airlines to restructure IT priorities and revamp plans
The unprecedented security lockdown That shuttered U.S. airports and grounded all planes following the terrorist attacks on New York and Washington on Sept. 11 crippled an already ailing airline industry. It's also had a ripple effect throughout the travel industry, throwing a once-supercharged business into low gear. Their stocks skidding and revenues falling, travel companies are looking hard at spending plans, including-and in some cases especially-IT budgets.

"You can't fault anybody for going back and re-evaluating strategies because the world has changed," says Tom Murphy, CIO of Royal Caribbean Cruises Ltd. in Miami.

Airlines, which have announced 60,000 layoffs across the industry, concede that a number of IT projects will be put on hold, including such critical applications as enterprise resource planning and customer-relationship management. Technologies meant to improve customer convenience and lower costs, such as self-service kiosks and electronic tickets, are in danger of being cut due to government and industry safety concerns.

There will be new costs. Experts speculate integration between government databases and airline reservation systems may become a necessary and costly IT undertaking. The federal government has agreed to provide bailout money to the airlines, including funds for new security measures. But high-tech security systems such as iris eye-scanning software and other biometric technologies-already on the drawing boards at some airlines-are expensive and hard to implement.

Photo by Tim Boyle/Getty Images

Skycaps await travelers at Chicago's O'Hare Airport last week. Air travel remains slow.
The IT systems developed by travel companies played a crucial role in helping United States through the crisis. Web sites and online systems developed over the last few years to expedite online ticket purchases and provide travel information largely held up under the barrage of inquiries from desperate, stranded travelers. Many airlines and travel Web sites scrambled to write applications that feed up-to-date information on new FAA regulations, flight information, and relevant news to their Web sites.

And IT professionals in the travel industry are ready and willing to provide whatever assistance customers and the government require. "Our IT will be ready to respond to the Department of Transportation," says Bob Galey, CIO at Amtrak.

Royal Caribbean thinks it lost between $20 million and $25 million the week of the attacks because of cancellations resulting from the ban on air travel, plus expenses such as having to put people up in hotels. Royal Caribbean had been sailing its cruise ships at full capacity. Construction of new ships between 1999 and 2004 was expected to double the number of berths offered by the cruise line, but CIO Murphy expects there will be a lag of 24 to 36 months after that capacity becomes available before those berths are filled, instead of the 12 to 24 months the company had planned on. The Sept. 11 attack "changed all the rules," Murphy says. "You'll see us delay some IT projects and cut others altogether."

Photo by Tom Salyer

Companies are re-evaluating strategies "because the world has changed," Royal Caribbean's Murphy says.
Despite the slowing economy, Royal Caribbean's management was committed to a number of big-ticket IT projects. The company had new CRM and reservation-system applications in development and planned to upgrade its J.D. Edwards & Co. ERP applications. It's too early to say just which projects will be delayed or cut, Murphy says. "There's no question that we're going to pull back on that capital spending and the associated expenses through 2002 and maybe 2003," he says.

Robert Reeder, senior VP and CIO for Alaska Air Group in Seattle, says some IT projects will suffer because of the current falloff, including a delay of about a year in the company's scheduled rollout of a PeopleSoft payroll application. But the recent attacks have resulted in new priorities. "From the event on, security became the utmost concern and still is the No. 1 concern," Reeder says.

The day of the attacks, collaboration software that Alaska Air uses from Centrinity Inc. let the airline build online workspaces that security people could use to share information and distribute security bulletins. While the government's security rules evolved, Reeder says, the software made it possible to ensure everyone knew where the best information was at any given moment.

The week following the attacks, Alaska Air's IT workers developed applications that post flight schedules, cargo loads, passenger counts, and other information on the company's portal to help operations people restart the business. IT also wrote applications that would help Alaska Air share flight and passenger information with sister regional airline Horizon Air Industries, which was able to query Alaska Air data to find out when and where planes would fly and passenger and cargo loads.

In the tragedy's aftermath, several travel companies were grateful for their investments in customer-facing technology. Under normal circumstances, Delta Air Lines Inc. says it receives about 70,000 hits a day on its Web site. The week of the attack it saw 10 times that many queries each day. About 130,000 passengers viewed their flight itineraries online that week, compared with about 50,000 in a normal week. Delta says the increased traffic wasn't a problem due to redundant systems in two Atlanta locations.

Orbitz, an online travel reservations Web site formed by five airlines-American, Continental, Delta, Northwest, and United-immediately began posting information to keep customers informed of changes to flight schedules, FAA regulations, and events surrounding the airline lockdown. The Chicago company says it boosted its call-center staff to handle an increase in customer-service inquiries, cancellations, and refunds.

Photo by D.A. Peterson

Amtrak's ridership surged after the attacks, CIO Galey says; IT plans for next year, including a reservations systems upgrade, will move ahead.
The day after the attacks, Amtrak was deluged with calls for travel information and reservations. Via Amtrak's Web site, 5,100 people booked train reservations that day-accounting for a one-day record 9.1% of revenue-vs. the usual 3,700 reservations booked daily on the Web site. "All our systems held up very well," CIO Galey says.

Amtrak's heightened business is an exception to the current travel-industry slump. Since last week's attacks, Amtrak has had about 80,000 passengers a day, up from the average of 60,000 daily riders that's usual this time of year. Amtrak will move ahead with its IT plans for next year, Galey says, including upgrading its reservation systems from mainframes to servers. "A large amount of IT dollars is being spent on modernizing our reservation system," he says.

Continental Airlines was grateful for its sophisticated intranet, which it used to convey up-to-date information on developments within the company to its 53,000 employees immediately following the attacks, says CIO Janet Wejman. Also, Continental employed an application still in development that automatically reschedules the airline's traffic when there's a major problem. Continental tested the app earlier this year when a flood in Houston closed George Bush International Airport, the company's home base. "Normally, it would take us 72 hours to get the airline back in place," Wejman says of that disaster. "It took us six hours." It wasn't that fast this time, given FAA regulations, security requirements, truncated schedules, and fluctuating demand (see story, below).

The next step for the industry will be to determine what new technologies are needed to ensure a safe environment that will entice passengers back to traveling. Electronic airline tickets, which let passengers show up at a flight gate without an itinerary or boarding pass, have been restricted. Southwest Airlines Co. has had to make adjustments to its Web site to let consumers print out travel itineraries; each travel itinerary has to be reviewed by a Southwest supervisor at every airport during check-in, according to an airline spokeswoman. Prior to the attacks, passengers needed only their confirmation number for check-in.

Still, airlines hope to continue using E-ticket technology, which has saved the industry $2 to $5 a ticket on every ticket bought electronically since being implemented in 1995. E-tickets remain the preferred means for how Delta deals with its customers, according to a spokesman.

Alaska Air anticipates the end of self-check-in kiosks, those ATM-like devices at airports that let passengers check themselves in to their flights and print out boarding passes. Instead, all passengers will have to deal with an airline clerk and possibly show two forms of ID. Immediately following the attacks, self-service kiosks were shut down, but airlines such as Southwest and Delta have re-activated their kiosks. Also, Northwest Airlines Inc. will re-activate its Internet check-in system this week, says Al Lenza, VP of E-commerce. Before the attacks, the Eagan, Minn. company had 25,000 Internet check-ins a week, Lenza says.

Alaska Air had been looking at technology using iris and fingerprint scanning, not from a security standpoint, but as a way to enable faster check-ins for customers. The company now employs an application that lets an attendant scan a boarding pass at a podium at the jetway door and the passenger's photo pops up on a computer screen, eliminating the need to show an ID. The passenger, usually a frequent flyer, must let the airline take a photo and keep it on file. In the future, those kinds of applications may be used as much for security as customer convenience. "At the jetway door, we've got one more opportunity to verify who you are, and that's a good thing," says CIO Reeder.

Iris and fingerprint-scanning technologies and other biometric security systems may be hard for the public to swallow, however. "While there's a long-term potential for these technologies, they're going to have to be balanced out with privacy concerns," says Henry Hardevelt, a senior analyst for Forrester Research. There are also logistical problems associated with such technologies. Gathering data on every traveler and storing it in a central database is difficult and expensive. For example, Hardevelt points out that many international travelers use domestic tickets, complicating the issue even further. Using the technology for airline employees might be a more likely application, Hardevelt says.

Privacy issues have already popped up within the travel industry in the wake of the attacks. Hotel groups such as the Hilton Hotels Corp. are reviewing their security policies to reassure customers that data about hotel guests stored in IT systems is safe and private. A Hilton spokeswoman says immediately after the incident, guests were concerned that personal data in the hotel's system might be available to outsiders-either hackers, terrorists, government officials, or other guests. "It's important to stress the IT systems we have in place are secure," she says.

Information stored in government databases has the potential to be integrated with airline reservation and check-in systems for long-term security monitoring, and some interested parties believe the federal government may be moving in that direction. Amtrak's Galey says the company's next IT priority may be to comply with requests from the DOT to help boost national security. Galey declines to disclose what sorts of IT projects might be involved, but says checking passenger reservations lists against FBI or Immigration and Naturalization Service lists may fall under the "safety and security" projects the Transportation Department might want to implement.

Jim Dullum, president of the global transportation industry group at EDS, an IT supplier to the airline industry, expects airlines to run their security systems in parallel with their CRM and reservation systems, since security will be tied to government operations. "As we look forward to the security systems of the future, it's the integration of those components that will be the next hill for us to climb," Dullum says. The new security systems will be deployed in phases over the next one to two years, he predicts.

Even with immediate security enhancements, it may be a while before airplanes, cruise ships, and hotels are filled to capacity again. In the first quarter of 1991, during the Gulf War, PricewaterhouseCoopers says hotel occupancy nationwide fell 6.1%. The airline industry was off 30% to 40% during the same time. Says Forrester's Hardevelt, "There are a lot of airline companies and the travel companies that can't wait to flip the calendar."

--With Robin Gareiss, Marianne Kolbasuk McGee, and Rick Whiting

Photo of O'Hare airport by Tim Boyle/Getty Images
Photo of Murphy by Tom Salyer
Photo of Galey by D.A. Peterson

Editor's Choice
Brian T. Horowitz, Contributing Reporter
Samuel Greengard, Contributing Reporter
Nathan Eddy, Freelance Writer
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Cynthia Harvey, Freelance Journalist, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing