Sometimes you might feel that even the best network security available isn't strong enough to protect your precious data. If you are part of a larger organization, this feeling may be shared with your IT department and system administrators.
One solution for those seeking to fortify defenses against network connected attackers is called an air gap. By the most basic and easily understood definition, an air gapped system (or network of systems) has no wired or wireless connectivity to outside networks. Hence a gap is created in the network, like a moat around a castle. Could this be the right solution for your business? Learn more in this article.
Where air gapped systems are most popular
Probably the best-known air gapped computer system within the public consciousness is featured in Mission: Impossible (1996). In the movie, Ethan Hunt (Tom Cruise) covertly and precariously ventures into a vault housing an air gapped computer situated in CIA headquarters. It's tense, but shows that no matter how secure you make something, it can't be completely invincible.
So, yes, you will find air gapped computer systems and networks within military, intelligence and governmental organizations.
Similarly, organizations of national strategic importance like nuclear, oil and gas, utilities, chemicals, manufacturing, and others will use air gapped industrial control systems (ICS) or operational technology (OT).
Other examples where air gapped systems might be found include: air traffic control, national and state lottery machines, medical and life support systems, and some computer systems used in finance and stock exchanges around the world.
Commonly only particularly sensitive or valuable data will be air gapped: the most critical and sensitive data, the data which is essential to your business, or to the provision of a core service.
In theory, the air gap will protect your cherished or sensitive data so that even if the worst happens to other machines in the organization, the air gap ensures the safety of your most important information nuggets. Imagine major issues like ransomware attacks, hardware or system failures, and even natural disasters. In these cases, making an air gap in the network might save the day, or at least give you some time to save your data.
While it is clear that air gapping can be a winning strategy for the utmost security, it isn't for everyone. You are probably already thinking about the inconveniences of moving data between air gapped and other computers, and the way air gapping will impact backup strategies. There are many more nuances, positives, and negatives to consider.
Three air gapping techniques
We previously discussed air gapping computer networks. However, the technologies involved are more intricate than simply disconnecting cables or Wi-Fi devices. Three of the most popular air gapping techniques are described below.
Physical air gaps—total or segregated
At its most extreme, a physical air gap separates the computer(s) from the wider network both physically and wirelessly: there is no remote connection capability to the wider computer network, and the machines are physically distanced from your other computers.
The segregated variant keeps a computer or network apart from the wider network but lets it exist in the same environment. An example of this would be two servers situated on the same rack, with one of them unplugged from the network.
Logical air gaps
If a physical air gap seems too extreme or medieval for your liking, a logical air gap might be more appropriate. A logical air gap can be implemented using a mix of technologies including: encryption, biometrics, firewalls, cloud security, and other access controls.
Thus logical air gaps have a technological moat rather than a physical one. It is a classic tradeoff between the utmost security and networked convenience.
Air gapped cloud
An air gapped cloud utilizes logical air gap technology and maintains some physical connectivity. However, it also offers the benefits of the cloud. The air gapped cloud is advantageous because it is physically distant from your network and has multiple levels of data backup. Cloud service providers stay updated on security trends like biometrics, multi-factor authentication, and the latest security software updates.
Unfortunately, we still see reports of cloud services being hacked, or their security bypassed, via vulnerabilities, exploits, or malware.
Tape air gapping
Tape might sound like an ancient computer technology to highlight in 2023. However, there have been recent reports suggesting cold data storage on tape can be much more economical and durable than using hard disk drives (HDDs).
Moreover, there has been momentum towards tape due to the prevalence of cyber crime and general network based attacks. Unlike server HDDs and SSDs, tape cartridges are routinely physically air gapped by being manually or robotically swapped from drives to storage racks. On the rack they cannot be reached over any network, which is what makes this air gap physically effective.
Air gapping doesn't make systems invulnerable
We have already hinted at some of the drawbacks and issues faced by those who deploy air gaps. To provide a wider picture of the issues you might face with an air gap security strategy, below are a variety of routes via which attackers may attempt to 'jump the air gap'.
Six ways the air gap might be breached:
- Physical compromise: the air gap is compromised by an attacker who gains physical access to an air gapped system. Access might be gained by someone who sneaked in under a false pretext (computer service, cleaning etc).
- Misconfiguration: access controls or permissions might grant an attacker access due to a configuration error.
- Insider: the attacker might work with someone with ready access to the air gapped systems, or any individual who was allowed to visit the air gapped facility.
- Supply chain compromise: a legitimate outside person or persons with some degree of access to the air gapped system may intentionally or unintentionally leak data.
- Social engineering: communications with people who routinely work on air gapped systems might help an attacker gain access. It has even been known for would-be attackers to drop devices like USB memory sticks laden with malware, in the hope they will be connected to an air gapped device.
- Advanced technologies: Researchers have successfully snooped on physically air gapped computers using various wireless monitoring techniques involving the use of acoustics, magnetic fields, thermals and other vectors.
Software updates for air gapped systems
Network connected office and home computers will often get updates from OS vendors very quickly, closing down vulnerabilities before they can be exploited by would-be attackers. This may not be the case with air gapped systems or networks.
Leaving vulnerabilities unpatched is undesirable, of course. However, the air gap should keep the majority of attackers at bay. Moreover, it is sometimes better to let others receive day-0 patches first and test them in a real work environment, to see if there are any undesirable side-effects.
Regular backups for air gapped systems
Here at Secure Data we are strong advocates for regular and rigorous backup strategies - prevention is better than cure. Air gap systems may have backup features, but it's crucial to have a backup for your backup. So, we've compiled helpful strategies for those responsible for backups in organizations with air gapped systems.
Five steps to air gap backups
- Please continue to follow the 3-2-1 strategy, but with added air gap system backups. You might even consider the 3-2-1-1 strategy for particularly valuable data sets. The extra '1' is a physically immutable copy of the data made to a write-once-read-many-times (WORM) or optical media.
- Air gap backups need a secure location, with no unauthorized access. Our list of potential air gap breaches makes it clear secure locations are necessary to be confident in your air gapped data safety and integrity.
- Air gap backups must be updated regularly, every working day at least. While networked machines are easy to back up remotely and regularly, the same isn't always true of an air gapped backup. If you want a backup to be kept offsite, and separately from the air gapped system(s), it must be physically taken away via sneaker-net. Logical air gapped and air gapped cloud systems leave open various remote backup possibilities.
- Air gap backups need testing / verifying to ensure their usefulness. All backups should be completed with a verifying process, but the air gap can again hinder this usually routine process.
- Air gap backups should be encrypted. It is good practice to encrypt backup data which might have the slightest chance of being accessed remotely. With high value or highly sensitive data necessitating an air gap setup, archive encryption is an essential step of the backup process.
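The verification step above is where sneaker-net backups most often go unchecked, so here is an added example (not Secure Data's tooling) of a signed integrity manifest: the source host hashes every file in the backup set and HMACs the listing, and the air-gapped side re-checks it after the media arrives, reporting missing, modified and unexpected files. It assumes the backup is a directory tree, the manifest is stored beside it rather than inside it, and the HMAC key was shared with the air-gapped verifier out of band; all names and the demo key are constructed for this example.

```python
# Added example: sign-and-verify manifest for a backup set carried across an
# air gap by sneaker-net. Assumed, not from the article: the backup is a
# directory tree, the manifest is stored beside it (not inside), and the
# HMAC key is shared with the air-gapped verifier out of band.
import hashlib
import hmac
import json
import os

MANIFEST_KEY = b"constructed-demo-key-replace-in-production"


def _sha256_file(path):
    """Stream the file so multi-GB archives do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def _listing(backup_dir):
    """Relative path of every regular file under backup_dir."""
    return [os.path.relpath(os.path.join(r, n), backup_dir)
            for r, _d, names in os.walk(backup_dir) for n in names]


def build_manifest(backup_dir, key=MANIFEST_KEY):
    """Hash each file and HMAC the listing, so anyone with write access to
    the media cannot simply edit the manifest to match a tampered file."""
    files = {rel: _sha256_file(os.path.join(backup_dir, rel))
             for rel in _listing(backup_dir)}
    body = json.dumps(files, sort_keys=True).encode()
    return {"files": files, "hmac": hmac.new(key, body, hashlib.sha256).hexdigest()}


def verify_manifest(backup_dir, manifest, key=MANIFEST_KEY):
    """Return {path: problem}; an empty dict means the copy is fit to restore."""
    body = json.dumps(manifest["files"], sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, manifest["hmac"]):
        return {"<manifest>": "hmac mismatch: manifest altered or wrong key"}
    problems = {rel: "unexpected" for rel in _listing(backup_dir)
                if rel not in manifest["files"]}
    for rel, digest in manifest["files"].items():
        full = os.path.join(backup_dir, rel)
        if not os.path.isfile(full):
            problems[rel] = "missing"
        elif _sha256_file(full) != digest:
            problems[rel] = "modified"
    return problems
```

Run `build_manifest` on the source host before the media leaves, carry the manifest on separate media or print its HMAC for manual comparison, and treat any non-empty result from `verify_manifest` as a failed backup rather than a warning.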
Air gapping undoubtedly complicates any backup process. It will probably add time / labor to backing up.
An air gapped system may also involve renting, maintaining, and securing an additional business location. This can lead to increased expenses, complications, and a higher risk of data loss or theft. The inconvenience and cost are largely why solutions like Secure Data's Secure Offline Backup are increasingly popular.
Despite the potential costs, efforts and drawbacks, air gapping can be a valuable part of a data fortification strategy for many organizations. With the growing menace of remote hacks, and threats like ransomware, air gapping sometimes proves wise in the long run.