Ensuring Data Security and Integrity in Maritime Optima
Introduction
In today's digital age, data security is a paramount concern for businesses across all industries, including the maritime sector. As IT managers, you may have colleagues inquiring about the safety and compliance of ShipIntel, a new application they've been testing. This blog post aims to address these concerns by explaining how Maritime Optima prioritizes data security and integrity.
What is ShipIntel by Maritime Optima?
Maritime Optima helps companies and people involved in maritime business to save time and make more qualified decisions.The main offerings are ShipIntel Essentials with a focus on AIS based features and models such as live vessel lists and tracking, destination prediction models, monitoring and routing, and ShipIntel Pre-Fix with focus on Email AI and semi-automated voyage and time charter calculations. The customers usingMicrosoft 365 subscriptions can also attach their documents, photos, technical descriptions of vessels and company contacts to vessels and ports.
The ShipIntel solutions are 100% cloud-based, with end-user clients for web, mobile, Microsoft Teams and MicrosoftOutlook.
Fundamental Security Measures for All Customers
1. Microsoft Azure Hosting
Maritime Optima leverages Microsoft Azure data centers in the Netherlands, benefiting from their robust physical and technical security measures. This includes 24/7 staffing, integrated security features like virtual networks with separate firewalls, and “everything redundant” such as servers, network connections, power supplies, cooling.
2. User Authentication and Verification
We implement strict user authentication processes, including OAuth 2.0 Identity Providers (Microsoft, Google, Apple) and email confirmation. Team owners can restrict new users to company email domains, enhancing control over access.
3. Encryption in Transit and at Rest
We use HTTPS and regularly update our security configurations to ensure the most secure connections. All team data is stored in encrypted databases and filesystems, protecting against physical theft of hardware.
4. Backup and Recovery
Customer data is continuously backed up, allowing for point-in-time recovery up to 14 days in the past.
5. High Availability
Our Kubernetes cluster ensures automatic recovery of services and maintains spare capacity for continuous operation.
6. Mobile Access Security
We've implemented various security measures for our mobile apps, including minimal device access rights, support for two-factor authentication, and encrypted data transmission.
7. Audit Logging
All changes to team data are logged and accessible to team members, ensuring data integrity and traceability.
Advanced Security Measures for Enterprise Customers
Companies with dedicated IT staff using Microsoft Azure and Office 365 as their business software platform naturally want to maximize the value and security benefit of that platform. This implies centralized user account management, access control and licensing, with as few disparate applications and data silos as possible. We support that strategy wholeheartedly:
- Multiple ShipIntel teams can be linked to a Microsoft tenant for centralized management.
- Individual ShipIntel teams can further be linked to a Microsoft Entra (previously named Active Directory) group for access control. This replaces our own user authentication with Microsoft Entra; only users who are currently members of the selected Entra group and authenticated using your company settings for Microsoft login will have access to the ShipIntel team.
- ShipIntel license seats can be purchased through the Azure Marketplace (counting against your Microsoft volume discounts) and allocated to individual Microsoft Entra users.
- When a ShipIntel team is access controlled by a Microsoft Entra group, users can link vessels, ports and lists (everywhere we support attaching documents basically) to Microsoft SharePoint folders. This replaces the built in ShipIntel document and photos libraries with SharePoint, ensuring everyone in your organization can work on the same folders and documents, and no files ever leave SharePoint (we only keep links to the SharePoint folders, we do not read content).
- We have even developed a web portal for IT managers in order to simplify the configuration and setup of Microsoft integrations as much as humanly possible.
Conclusion
At Maritime Optima, we understand that data security goes beyond basic measures like backups and HTTPS. Our comprehensive approach integrates security and integrity considerations into every aspect of our product design and workflow. We're committed to protecting your business-critical information and ensuring it's captured, tracked, and available when you need it. For further information or to discuss privacy and data security, please don't hesitate to reach out. We're here to address your concerns and ensure that Maritime Optima meets your company's data security policy requirements.