Air gapping and cyber security

Cyber security is an important matter for any modern company, and the number of cyber crimes and data breaches seems to be growing at an alarming pace. At the same time, it is hard to imagine a modern company that does not transmit data between devices in some way as part of its work. As a result, cybercriminals and security professionals are in a constant race to develop and counter exploits and other ways of accessing a protected system.

Data security has never been simple, and it has to become more and more sophisticated all the time to keep up with the cyber threats that keep appearing. As a result, there are several different approaches to security as a whole, and a massive number of tactics and methods for ensuring data security in one way or another.

Air gapping is one such tactic, and it stands out as a rather unusual approach to data security. Isolation is the main logic behind air gapping: since every single cyber threat is acquired and spread via some form of data sharing, cutting every possible way to connect to a device such as a server should solve all of these issues at once. Every possible avenue that could be used for hacking purposes, be it a browser connection, an email client, or an FTP client, should become completely ineffective if there is no connection with the source.

However, air gapping as a strategy is not that simple. It has quite a number of nuances, which is why it is necessary to keep both its advantages and its shortcomings in mind before choosing to implement it. First of all, the biggest advantage of air gapping is isolation from other devices, as mentioned above. Being disconnected from both the Internet and local networks is a massive obstacle to an overwhelming majority of existing types of cyber threats, be it ransomware, malicious actors, unintentional deletion, etc.

There is also the fact that air gapping works well in the context of the popular 3-2-1 backup strategy, which states that every system should have at least three copies of its data, located on two different storage types, with at least one copy stored offsite. That offsite copy is a perfect placement for an air gapped backup, since it often has to be physically separated from the rest of the system to reach at least partial air gapping.

This exact situation also reveals another significant benefit of air gapping: it is an effective strategy against more unconventional and indirect attacks, such as an insider threat or a virus that attempts to corrupt backups before encrypting the original data. One isolated copy of your system acts as a great “last resort” of sorts, making sure that at least one copy of your data is left no matter what, even if the original server location gets completely destroyed or wiped out by some sort of natural disaster.

An air gapped system is also a great location for running legacy software or hardware, because the inability to connect to the Internet eliminates the possibility of such software updating automatically and corrupting itself that way. Of course, running legacy software always comes with its own risks, but there are still plenty of high-profile industries that rely on extremely outdated software and hardware to perform their work, since it is hard for a lot of software/hardware providers to keep up with all of the new movements and trends in the world.

Of course, it is just as important to remember that no security method can be 100% effective, and air gapping is no exception to that rule. The first disadvantage of this method is relatively obvious: the difficulty of adding, modifying or removing data on an air gapped system. Removing any kind of connection to a specific server eliminates a lot of threats, but it also removes the ability to move data wirelessly to and from this server, meaning that every single data modification has to be performed manually using some sort of external storage device.

The second disadvantage is a direct continuation of the first one: the so-called “human factor”, meaning the person who has to perform all of these modifications on an air gapped system. There is always a chance of that person leaving the door open, either literally or figuratively, for example in the form of a USB stick forgotten in an air gapped system that can be used to hack into the system itself.

Air gapping is an incredibly effective data security method, even though it is not perfect. It has its own nuances, as well as different types and techniques that could be used. 
