Reporter Liu Xiao

Since 2015, there have been frequent substantial probes into the issue of shipping network security in the shipping industry. For how to recognize and solve the risk problem of the shore-based network, the reporter interviewed the experts from CCS Digital Easy. Currently most shipping companies have built up their own computer rooms, servers, websites,and some outside interaction interface, to connect with other company’s system and complete the interaction of relevant information. The most effective solution to ensure the network security is using technical measures and safety management to form “the double insurance”.In terms of the technical measure, fi rstly, it is crucial to ensure the safety of the server. The patch program of the operating system(OS) should be upgraded timely to ensure the safety of OS, meanwhile, the antivirus software approved by the safety certification authority should be installed. Secondly, there should be an overall vulnerability scan before launching the website, and regular updating of the scanning tools and timely patching of new security holes after launching. Thirdly, the technology of encrypted access of the website should be improved. Fourthly, there should be encrypted storage for the highly sensitive data. Finally, the technology of firewall should be used to achieve the safe exchange and separation of the data between internal and external network, combining with technologies such as data backup and log audit to enhance the access monitoring of the network.

To build up a full set of network security system must also rely on the effective management. According to the experts, some ship management companies do not have the management standard or implement poorly in terms of the management for the hardware and software of ships computer as well as the network, which isthe main reason for system breakdown out of virusinfected software. Accordingly, the experts proposed three keywords: awareness, system and implementation.Establishing network security awareness is the first step in achieving network security, and strengthening personnel training is the best way to quickly make people have the network security awareness. Regarding the security of shore-based network, because of more and more security threats from the use of email and social network, the companies should not only focus on training related personnel to understand the con fi guration of the onboard computer’s hardware and software, but also strengthen the network security awareness of the staff with regular training. The keyword “system” means the companies must establish coordinated and orderly rules and regulations and system documents with clear hierarchy, clear interface and reasonable structure,only in this way can they lay a good foundation for effective implementation in the future. About the keyword “implementation”, the experts suggested that the most effective way is to arrange professionals to inspect the computers regularly. In addition, in order to protect the information security of the shipping companies, computers who have limitations in security should not be alowed to entry network; if any computer needs to install software, the personnel should submit a written report, after being approved by the leader, the administrator will complete installation.