Many companies make the mistake of taking a reactive approach to security, remediating an attack after it occurs. After a ransomware attack, this means recovering data that has been encrypted and systems that have been locked. Instead, your business should focus on preventing an attack, making recovery unnecessary.
Air gaps can be part of a preventative approach to data security. In plumbing, air gaps keep wastewater from entering the drinkable water supply. In technology, an air gap prevents bad actors from accessing data and contaminating it with malware.
Making air gaps part of your IT security and data protection strategy is a strong and reliable way to keep your sensitive and mission-critical data from being stolen or compromised.
What Is an Air Gap?
Creating an air gap or air wall provides a high level of security by isolating systems from the other connected devices or networks, such as the internet or local area network (LAN). An air gap protects the network from intrusions and digital assets from being accessed. Isolating sensitive data from the network using an air gap removes it from the attack surface, preventing cybercriminals from gaining access and stealing or modifying information.
Air gaps can be physical, creating physical isolation, or logical, operating through network controls.
Physical Air Gaps
In the past, most air gaps were physical, using tape or a secondary data center environment. A system would be stored in a room or building that had no network connection, creating a barrier between an asset and the network. Backup tapes would be relocated off-site.
While secure, physical air gaps could be costly and difficult to manage. Manually transferring data makes it difficult to achieve optimal recovery point objectives (RPOs) and recovery time objectives (RTOs).
Logical Air Gaps
Today, air gaps are most often logical, segregating production and backup networks and reducing the attack surface. Logical air gaps can be virtual or operational.
In a logical air gap, a digital asset is separated and protected through logical processes, such as encryption, access controls, MFA, versioning, and object locking. By taking these measures, a logical air gap defends against the eventuality that a digital asset will accidentally become connected to a network. Even if a cybercriminal accesses the asset, the data owner will still have previous immutable versions to restore from.
How to Use Air Gaps for Data Protection
The air gap protects data by separating it from areas with the greatest vulnerability to attack. By isolating devices from the network, air gapping prevents systems from being infected by malware, such as ransomware. To transfer data in an air-gapped system, users must have proper access to bypass logical controls, physically approach a computer and connect a device, such as a USB or dongle, or find a misconfiguration within a logical air gap implementation that leads to the environment becoming accessible.
Other safety measures may be necessary to preserve the air gap, such as banning or blocking wireless communications in the vicinity of the device. Logical air gapping has the advantage of allowing for a physical connection while maintaining a logical separation, making data easy to access while remaining secure from deletion or modification.
Advantages of Air Gaps
Air gaps provide better and more cost-effective data protection than traditional backup architectures by isolating data from local networks and production areas. Data protection can be achieved without the need for a secondary data center for backup and recovery.
Air gapping is almost foolproof as a method for protecting devices and data from hackers. Without a network connection, cybercriminals cannot access air-gapped computers. Air gaps are so secure that military and government computers use them to preserve national security. The stock exchange and nuclear power facilities also use air gap environments.
To breach an air gap, cybercriminals typically use weaponized USB drives to distribute malware. This attack vector is challenging because it requires that the hacker be in physical proximity to the air-gapped device.
Leading Air Gap Solutions
Air gap solutions have evolved to provide better security and data protection for your business. Air gapping offers a layer of robust security as part of an overall strategy. Some of the top technology companies, including Commvault, NetApp, Rubrik, and Pure Storage, offer logical air gap solutions that can help your company prevent ransomware attacks and other types of breaches.
ProActive Solutions can help your company make air gaps part of your proactive IT security strategy. We provide security and compliance services as part of our approach to data center transformation. Taking a consultative approach, we will work closely with your business to assess risk and bridge security gaps using leading technologies.
Experience our consultative approach by setting up a whiteboard session. Ask for a security whiteboard session with ProActive.
