Superyacht cybersecurity

Aug 17, 2017 | Blog

Keeping Your Yacht Secure

Despite sporting some of the most high-spec technology, security remains a constant issue for today’s superyachts, especially due to their BYOD environment status and associated risk. Whether travelling or at anchor, cybersecurity is of the utmost importance on board luxury vessels. So you need to get it right! Employing experts in the field is key to maintaining smooth operation of your vessel and ensuring your security.

 

OceanWeb – A Trusted Name for More Than 90 Superyachts

Dr Ben Hextall, OceanWeb’s managing director and founder, has managed a vast network over the course of his career. He has worked across many types of marine vessel, from racing yachts to superyachts and all that’s in between. Today, the company’s expertise in IT services and cybersecurity is lent to more than 90 superyachts globally.

 

The unique challenges of superyachts

It is the very uniqueness of superyachts that makes them so desirable among the very rich. They are magnificent holiday homes on the sea. Owners and guests can indulge themselves with an array of toys and other luxury items. Technology plays a key role in this opulent lifestyle, and in many ways, cybersecurity is as unique as the yachts themselves.

For crew, superyachts are not just a place of work but also a place of everyday living. Technology is tied into many aspects of their work and personal lives through mobile phones, tablets, and laptop use. A superyacht is considered a “bring your own device” (BYOD) environment as owners, guests, and crew all have personal devices that connect to the onboard network. As one might imagine, security on a network where users are allowed access via their own devices is infinitely more complicated than office spaces.

Devices on board a superyacht, including the tablets used for many operational functions, can be secured through a variety of methods and precisely tested against vulnerabilities. Security experts can equip your yacht’s key devices with protective services, for example, to increase security.

The use of personal devices does make for a more challenging environment. Add to this the array of external connections that superyacht users might employ, such as public wifi hotspots, 4G networks, and VSAT, and the complexity increases further. Combined with other challenges of marine life, cybersecurity becomes a multi-layered challenge requiring a sophisticated and professional approach.

 

Protection in a BYOD environment

OceanWeb has two decades’ experience working on cybersecurity in marine environments, and regularly keep up to date with industry developments. As such, our understanding of the unique issues facing superyachts has enabled us to devise an integrated solution tailored to reducing risk in these specific conditions.

As a BYOD environment cannot be prevented, OceanWeb provides policy advice for key crew members, including the captain and vessel’s engineers. Education on the acceptable use of personal devices significantly reduces the risk of infection or other vulnerability threats.

In addition to that, network traffic on OceanWeb systems is effectively segregated. This means crew are given their own virtual network to use so that the main systems are not compromised in the event of a security threat. Moreover, web and email traffic is scanned at the gateway level, ensuring that potential threats are proactively anticipated and blocked.

 

Securing connections

Third-party services are a convenient yet dangerous reality of internet connectivity at sea. The unfortunate truth is that despite such services posing major security risks, users are often unaware of this fact. Whether work-related or in a BYOD capacity, this could, lead to sensitive information being transmitted.

A major issue is that unencrypted data can be monitored and acquired by anyone with the technical know-how. One of OceanWeb’s solutions to this threat is to encrypt all email communication at both ends, ensuring hackers or other potential threats are unable to access the content. Dedicated anti-spam and anti-virus systems are also installed, which secures the email system against all incoming traffic, preventing threats from getting through. Anti-virus systems are also installed on all work devices for an extra layer of protection.

Securing access to physical devices and wireless connections is another part of the cybersecurity efforts. For instance, we provide both password rotation schedules and crew behaviour policies. We additionally track the loss of devices and limit physical access to equipment through ongoing logging and access monitoring.

 

Securing and backing up data

Aside from threats in the cyber space, the loss of physical devices can be a huge blow for security risk. Those with the right knowhow can easily retrieve sensitive data from devices they have in their possession. With this in mind, OceanWeb will track and access devices remotely in the case of emergencies. Additionally we remotely back up data to a secure location to ensure personal data and vital information is not lost.

As hardware is another vulnerability in superyacht systems, we supply backup devices for critical systems so that hardware malfunctions are not catastrophic. Overall, we provide a complete solution that is uniquely catered to superyachts. By protecting devices across several areas, including human error, we aim to preserve the security of your devices and connections.