Did you read our blog post Superyacht Technology and the Internet of Things—5 Challenges? The article identifies 5 key challenges to having more and more Interent-connected devices on board vessels.
In this article, I want to focus in a major Internet of Things (IoT) challenge: SECURITY.
You may not think your superyacht’s Internet-connected coffee maker needs to be secure. But if it is connected to your yacht network, it may provide an entree to the vessel’s computer network. That’s why it is crucial that each device--from your superyacht A/V system components to the machines in the engine room--maintains a secure network connection.
By secure, I mean that data streams going in and coming out of each device are impenetrable to attacks, while still maintaining the ability to receive commands and information updates from authorized parties. But with so much data being transmitted and received, how can you protect your vessel’s devices from vulnerabilities while still allowing them to do their jobs? Here are three key areas to look at:
3. open ports
What are authorization/authentication, encryption, and open ports?
A page from Boston University’s Information Services & Technology Department website called Understanding Authentication, Authorization, and Encryption gives the following overview three of the first two. I’ve added an explanation of the third term below:
Authentication/AuthorizationAuthentication is used by a server when the server needs to know exactly who is accessing their information or site. Usually, authentication by a server entails the use of a user name and password. Other ways to authenticate can be through cards, retina scans, voice recognition, and fingerprints. Authorization is a process by which a server determines if the client has permission to use a resource or access a file. Most of the web pages on the Internet require no authentication or authorization.
EncryptionEncryption involves the process of transforming data so that it is unreadable by anyone who does not have a decryption key. The Secure Shell (SSH) and Socket Layer (SSL) protocols are usually used in encryption processes. The SSL drives the secure part of “https://” sites used in e-commerce sites (like E-Bay and Amazon.com).By encrypting the data exchanged between the client and server, information like social security numbers, credit card numbers, and home addresses can be sent over the Internet with less risk of being intercepted during transit.
Open or closed ports determine what data reaches the network server. A security firewall, such as Norton Security or McAfee, is a piece of hardware or software that acts like a filter between your networked device and the Internet. With a firewall, you can choose what goes out and what comes in through the ports—everything else is not allowed. The firewall helps determine whether ports should be open or closed, depending on whether data being transmitted is authorized. If a port remains open erroneously, data on the network can be vulnerable to theft.
How can this information help you maintain a secure vessel network?
Now that you are aware of three security challenges for IoT devices on your vessel, let's review what you can do to keep your yacht network secure.
Hopefully in the future, the annoying need for passwords will be replaced by other authentication/authorization protocol, such as voice or face recognition. But for now, we are stuck with typed passwords for most applications. So the most basic thing you can do to protect your security when using Internet-enabled devices on your vessel is to use strong passwords. Read The 25 Worst Superyacht Computer Passwords And How To Avoid Them to get some ideas for improving your passwords' strength.
If you use sites that do not encrypt your personal data, you are vulnerable to data theft. Some very popular sites such as Skype have been reprimanded because they failed to adequately encrypt customer data. So make sure that the websites you use when sending or receiving personal information like credit card numbers, social security numbers, etc. is encrypted. You want to see https:// in the beginning of the web address in your browser.
Make sure your yacht network is using the most current version of firewall hardware or software, which will alert you to network port issues. Frequent monitoring by a network expert will also help to make sure that every networked device on board is sending and receiving data optimally.
Let GCS help you keep your vessel network secure.
As things get more complicated on board your vessel, you may need assistance from yacht computer network experts. The Technology Team at Great Circle Systems is ready to use its members' 100 + years of collective vessel IT experience to solve your most challenging IT problems.
Just give us a call at +1-954-903-0065 or click the picture below to contact us.