The ever-growing risk of ransomware – and a countering increase in security compliance – is leading businesses to do whatever they can to protect their sensitive data. Reports predict that cyber crime will cost the world $10.5 trillion by 2025, and while some believe that backing up data is at fault by not being "strong" enough, this couldn't be farther from the truth. Leaving data exposed can open the floodgates for cyber attacks, and one way to secure data is through air gapping.
What is Air Gapping?
Air gapping is a security technique that isolates a device from other devices or networks to protect sensitive data against cyber attacks and unauthorized access. The isolation distance, AKA “gap” or “air,” makes it impossible for hackers to remotely access or corrupt the offline data, as the device isn’t connected to the local area network (LAN). This means that if a data breach occurs, the air-gapped data would be secure and safe.
This security measure is all about avoiding data loss, business disruption, reputational harm, downtime and more. You often see air gapping tied to the 3-2-1 rule, which states that businesses should create 3 data backups, store 2 of them on different storage media types (cloud storage, disk or USB drive) and store 1 at a secure offsite location. The idea is that if the first two backups get compromised, you can use the third to restore business operations.
What Air Gapping Isn't
When people first hear about air gapping, they assume that just because there have offsite backups, they're in the clear. This isn't entirely correct.
Most modern backup technology in the last few years has evolved to where systems make the backup appliance invisible to the network while still being physically connected to it. If a breach were to happen, the hacker couldn't find the appliance to attack it, making the backups truly safe.
Most businesses urge customers to follow physical or tape air gapping. Physical air gapping is when data is physically isolated or disconnected from the network or workplace, and tape air gapping is a type of physical air gapping when you back up data to a tape, eject the tape and then store it offsite.
The best two ways for proper air gapping are logical and segregated air gapping.
Logical – this is when the data is physically connected but logically isolated. Someone would use software programs to initiate the gap, like encryption, role-based access control, cloud security, firewalls or hashing.
Segregated or isolated – this is when you simply disconnect the device from the network by turning off the wireless connection or unplugging it from wired connections. The device is in the same physical location as the workplace but not connected to the network.
Pros and Cons of Air Gapping
As you can guess, many pros that come with air gapping, but no system is entirely fool-proof – there are also some concerns with air gapping.
The main benefit of air gapping is that it’s a strong defense against cyber attacks. particularly ransomware, as the backup data is hidden from hackers. This helps prevent data from being destroyed or compromised. Air gapping can also offer reliable operations restoration if a system failure, breach or disaster occurs – businesses can go the preserved offline data and use it to recover. Meeting cybersecurity compliance requirements is a final benefit of air gapping.
On the other hand, air gapping is often associated with human error since a person has to add, modify or download the data. Someone could leave the device plugged in, not detect ransomware when copying over the data, or leave the USB port unguarded.
Best Practices for Creating Air Gapping
When creating an air-gapping system for your data, you should consider there four best practices:
Air-gapped backups should be stored in secure locations not accessible by unauthorized personnel. Only those with the proper credentials can access the data. These locations should protect against natural disasters (fire, flood, hurricane) and intense temperatures.
Air-gapped backups should be updated regularly to minimize the time gap between backups and potential data loss. These updates should happen weekly, at a minimum.
Air-gapped backups should be tested periodically to ensure that if you need to pull data for business restoration, you can do so.
Air-gapped backups should be encrypted to further protect against threats. Even if a hacker somehow gets to the data, they can’t access it without an encryption key.
Air gapping should be an integral part of a company’s overall backup and recovery strategy, but not the only factor – companies should rely on other best practices to prevent breaches.
Can Thriveon Help with Air Gapping?
Without air gapping, your data could be at risk. Prevent cyber attacks and unauthorized access by working with Thriveon.
At Thriveon, we’ve been helping clients for over 20 years protect their data against cyber attacks. We can help you determine if air gapping is necessary against cyber criminals and how to create one to protect your sensitive data.
Get your Cybersecurity Risk Score in this free assessment