

Remember when Tom Cruise hung upside down from the ceiling in Mission Impossible and tried to steal data from a computer housed in a top-secret vault at CIA headquarters? From the perspective of today, we might wonder why all the crawling through the air ducts and risking his neck was necessary. Couldn’t he just hack the machine? No, because that CIA system was air-gapped. It was a freestanding computer that was not attached to any sort of network. If you wanted to use it, you had to be in that highly secured room. It’s easy to make fun of Hollywood and its excesses, but the film did reflect the predominant view at the time that the best security came from putting air between a system and anyone or anything trying to reach it. Some organizations absolutely require them, but the practical realities of implementing and sustaining an air gap have grown quite a bit more difficult over the last two decades. To understand why air gaps are still important, it’s worth taking a moment to define the concept and explore what’s working well with them and what isn’t.

An air gap is a security countermeasure that is based on the idea of creating an impenetrable barrier between a digital asset and malicious actors. In this context, a malicious actor could be a hacker, a virus, an insider, a power surge, or a natural disaster: any force that threatens the digital asset. As its name implies, the simplest air gap is achieved by disconnecting a digital asset from any network connections and placing physical distance between it and anyone who might want to access it. Interestingly, the air gap concept also exists in other fields. For example, building codes mandate an air gap between sources of water and drains. Electrical engineering requires a space between moving parts in an electric motor.

Air gaps serve two fundamental security use cases. They defend against intrusion into a network or system. They also protect digital assets from being destroyed, accessed, or manipulated. These two goals often overlap, but they are distinct. Implementations of air gaps may reflect one purpose or the other. For example, storing backup tapes in a salt mine is an example of an air gap that protects data from unauthorized access. In general, data backup is a use case that favors the air gap. The thinking goes like this: If our systems are compromised or destroyed, we can restore them with data that has been kept safely away in an air-gapped environment.

Right or wrong, many security professionals consider the air gap to be the ultimate countermeasure. After all, if an attacker can’t even access the system or network, how can he harm it? Malware floating around the Internet cannot make its way onto an air-gapped system. Hackers cannot penetrate an air-gapped system and take control of it. Indeed, air gaps are common in high security environments, such as the military, finance, and power utilities. The security policies in these types of organizations may mandate the use of air gaps.

There are many variations on the air gap concept. At a high level, three main types are the most common:

The total physical air gap: This is the salt mine type, which involves locking digital assets in a completely isolated physical environment, separated from any network-connected systems. A digital asset in a total physical air gap has no network connections.
