A simple Office license renewal request uncovered a deeper issue onboard one of our client vessels: the continued use of a standalone PC. While the vessel had adopted MarPoint’s UNI virtualization server across most systems, this one exception revealed how a single device can introduce unnecessary cyber risk and disrupt IT resilience.
What is UNI and what does a virtualization server do at sea?
UNI Virtualization Server is a maritime-optimized virtualization server that centralizes all vessel IT operations. Instead of running software locally on each PC, applications and data live inside secure virtual machines hosted on UNI. Crew and officers access these VMs through thin clients or secure remote access, providing a controlled, monitored, and secure digital environment onboard, built to withstand the connectivity challenges and cyber threats of life at sea.
The Situation
Most onboard workstations were operating as thin clients, connected to the UNI server where all software—including productivity tools like Microsoft Office—runs as isolated virtual machines (VMs). But one standalone PC still relied on a local Office installation, and its license had expired.
Rather than renew the license locally, we advised the IT Manager to transition the user to access Office through UNI. Beyond cost, the reason was cybersecurity and operational control.
The Risk with Standalone PCs
Using a local PC outside of the UNI environment exposes the vessel to multiple risks:
Cybersecurity vulnerability: Local apps and files aren’t protected by the same layered defense, monitoring, or policies enforced on the VM.
Data loss: Files stored locally are not included in the automated, centralized backup routines.
No rollback: With no VM snapshots, recovering from user errors, ransomware, or corrupted systems becomes time-consuming and unreliable.
How UNI Secures the Vessel Environment
UNI server creates a secure and flexible virtualized IT infrastructure onboard, built for the demands of the maritime environment.
Active-active cluster: With three active nodes, UNI ensures high availability. Even if one node fails, services continue uninterrupted. This design allows hardware maintenance or failure recovery without interrupting onboard operations—an essential feature for vessels at sea. It also plays a key role in strategic disaster recovery planning, as discussed in this blog post.
Thin clients: All user access is via thin clients. These devices don’t store data; they simply connect to virtual desktops. As explored in our post on thin clients, they reduce the onboard IT footprint while maximizing control and cybersecurity.
Centralized backup: Scheduled backups cover not just user files but the full system state.
Snapshoting: Admins can take snapshots of VMs at key moments, creating instant recovery points in case of attack or failure.
Snapshot vs. Backup: What’s the Difference?
Backup: Copies of data/files created on a recurring schedule. Useful for long-term retention.
Snapshot: A near-instant image of a VM’s entire state at a specific moment. Ideal for fast rollback after updates, crashes, or infection.
Why Thin Clients Matter
Thin clients are essential in maritime IT. They reduce hardware costs, are easier to manage remotely, and eliminate local storage risks. If a device fails, it can be replaced in minutes without any data loss or software reinstallation.
As highlighted in our thin client blog, this model supports a safer, smarter vessel IT environment where centralization and control are key.
Final Thoughts:
This case is a reminder: even a single standalone PC can threaten vessel-wide cyber safety. With UNI, you gain a resilient, secure, and easy-to-manage infrastructure that keeps your fleet sailing smoothly—and safely.
