What is an Air Gap?
An air-gapped device or air-gapped network is one that has been siloed from other networks and/or devices. This resource from the National Institute of Standards and Technology at the U.S. Department of Commerce (NIST) elaborates. According to the NIST, an air gap is “an interface between two systems.” In an air gapped environment, those systems “are not connected physically and any logical connection is not automated.”
Put simply, data transmitted between devices in an air gapped system can only be shared manually by authorized users. Air-gapping is a common security measure used to protect data at rest or DAR. Air gaps often pop up in discussions about industrial control systems (ICS), military computer systems and financial computer systems.
Air gaps are typically used by the military, major corporations and B2G companies to protect sensitive data and critical systems from hackers. Still, everyday Americans have probably heard this term before. Air gapping is sometimes casually used to describe disconnecting your laptop from Wi-Fi or disabling your cell phone’s Bluetooth connection.
The most securely air-gapped device or network, however, will not have those capabilities at all. These air gapped systems are designed to protect military networks, critical infrastructure and devices. Such systems are arguably more important than the average Joe’s personal computer, though the increase of remote work has changed those dynamics over the past couple of years.
Why a Secure Facility is Necessary to Protect Data in an Air Gapped Environment
Such air gapped networks are physically isolated in high security environments. They also lack any of the hardware that would make internet connectivity possible. As Aaron Fernandez writes in this Wired article, the only way to breach an air gapped computer system “is if [someone has] physical access.”
Given this, the facility in which an air gapped device is stored or network is operated must be as secure as possible.
The Hardware Used in Air Gap Security Systems Matters
The only way to access or transfer data in a truly air gapped system is to physically breach air gapped computers. As such, the hardware used in air gap security systems matters.
From SSDs and removable drives to authentication and encryption processes, the ways in which we design air gapped computer systems is incredibly important. The security of each element significantly impacts the effectiveness of those systems. While procedures, authorization, and physical isolation are all important, it’s also important to store data at rest (DAR) using secure storage technology.