The mission of Sea Pioneer Shipping Corporation is to cover clients’ needs with professionally operated bulkers and tanker fleets in the most efficient way, warranting a safe, cost-effective, and trouble-free transportation of cargo.
After careful consideration of cybersecurity requirements and best practices, Sea Pioneer Shipping’s ICT department chose to implement the UNI Virtualization Server solution on their vessels.
The Challenge: Modernizing IT Infrastructure
Sea Pioneer sought a reliable solution to centrally manage the operation and user access of critical functions and applications onboard, like their Planned Maintenance System (PMS). Their top priority was to replace a single PC with a secure host for the PMS while ensuring proper user access and communication with the office.
As part of Sea Pioneer's commitment to excellence, the ICT Department is dedicated to ensuring the efficient and secure management of all software applications and network-connected assets onboard our ships.
To ensure business continuity for critical applications like our PMS, the UNI system allows each node to create and store differential snapshots for up to 40 days for every virtual machine it hosts. This enables swift recovery in case of any issues.
Furthermore, as part of our Identity and Access Management (IAM) strategy, the UNI virtualization environment, which serves as the central workstation on the vessel, is configured with smart policies. These policies grant users "least privilege" access based on their specific onboard roles.
Additionally, UNI policies enforce frequent password changes for all accounts, further mitigating the risk of unauthorized access through compromised credentials.
Finally, to prevent direct user access to virtual machines, the MarPoint solution utilizes Linux thin clients. These thin clients provide a secure way for users to interact with any VM hosted by the UNI system.
MarPoint's Best Practices on Sea Pioneer Ships
The UNI Virtualization solution incorporates several best practices to enhance cybersecurity:
- Class-Approved Triple Cluster Server Solution: This eliminates a single point of failure by providing triple backups of all business files and applications (PMS, e-navigation, email, etc.).
- Disaster Recovery: This ensures a quick recovery of the entire IT infrastructure after a cyber incident.
- PC Management (Thin Clients): This includes performance monitoring and patching for reliable performance.
- USB Management Policy and Monitoring: This enables control over USB devices to prevent potential security risks.
- NAS Management and Monitoring: This ensures the proper performance and security of network-attached storage (NAS) devices.
- Vulnerability Management & Asset Management: This involves monitoring all IT assets onboard for status and performance assessment, identifying potential vulnerabilities.
- Endpoint Protection & Remote Management: This provides comprehensive security for individual devices and allows for remote management support.
- 24/7/365 Support: This ensures continuous technical assistance whenever needed.
