Article Details

Sailing the Seven Seas Securely from Port to Port – OT Access Security for Ships and Cranes. Operational Technology (OT) security has affected marine vessel and port operators, since both ships and industrial cranes are being digitalized and automated at a rapid pace, ushering in new types of security challenges. Ships come to shore every six months on average. Container cranes are mostly automated. Diagnostics, maintenance, upgrade and adjustments to these critical systems are done remotely, often by third-party vendor technicians. This highlights the importance of proper secure remote access management for industrial control systems (ICS). Learn more in our Buyer's Guide for Secure Remote Access Lifecycle Management. We at SSH Communications Security (SSH) have been pioneering security solutions that bridge the gap between IT and OT in privileged access management. Let's investigate how we helped two customers solve their critical access control needs with us. Secure Remote Access Around the Globe to 1000s of Ships In the maritime industry, ensuring secure and efficient remote access to OT systems is vital for maintaining vessel operations and safety. A prominent marine vessel operator, managing a fleet of advanced ships, faced significant challenges in this area. With operations spanning across the globe and an ever-expanding fleet of ships to manage, the company needed a robust solution to secure remote access for their engineers and vendor technicians. The Challenge The customer's existing security measures were inadequate for the complex and dynamic nature of their operations. The connections to ships were always on, it was hard to link an identity to each session, the lack of both granular access controls and comprehensive auditing capabilities posed a risk to both security and compliance, and the customer had scalability challenges with their existing solution. The Solution: PrivX OT Edition To overcome these challenges, the company implemented SSH's PrivX OT Edition. This solution provides a centralized, scalable, and user-friendly platform for managing remote access. Key features include: As a result, the customer can now ensure the safety of the crew, prevent unscheduled and costly dock time, mitigate the risk of disruptions to ship operations, and fulfill the requirements and recommendations by the NIS2 Directive and IEC 62442 standards. All this while modernizing their operations to gain a competitive edge in the global maritime industry. Read more about the case here. Vendor Technician Access to Industrial Cranes Restricted and Secured This customer is a leading global manufacturer of industrial equipment, with over a century of experience. Operating in around 50 countries, the company needed a robust solution to secure remote access to automated industrial cranes for their maintenance engineers. The Challenge The company's existing point solution based security controls were insufficient. They lacked the necessary granularity, functionality, and transparency, increasing the risk of cyberattacks and data breaches. As an example, the customer had difficulties in restricting access to cranes in a specific port, meaning that a maintenance engineer from Asia could access a port in Europe - and vice versa. Additionally, the previous solution did not provide adequate auditing capabilities, making compliance and security regulation adherence difficult. The Solution: PrivX OT Edition To address these challenges, the company adopted SSH's PrivX OT Edition. This solution offers a centralized, scalable, and user-friendly platform to manage remote access. Key features include: As a result, the customer can now restrict access per region and per crane for proper segregation of duties. Both ad-hoc and scheduled technician access is secure and available within minutes - and with automatic off-boarding. What's more, this more granular access control was achieved with minimal disruption to the existing infrastructure. Read more about the case here. Conclusion With PrivX OT Edition, companies can centralize access to all critical targets in IT and OT, regardless of the location of the user or the target. The solution removes the need for point solutions for access and offers a uniform, scalable, and coherent access for security needs at industrial scale.