What is an air gap?
Physical, logical and operational
For decades, air gapping has been a cornerstone of network security. While methods may vary, air gaps isolate critical systems and data from outside intervention.
Air gaps are typically classified into two categories, physical and logical, with logical solutions emerging to meet demand for increasing convenience, efficiency and cost-effectiveness.
Understanding the distinctions between the two is important to evaluate which method of network separation – if not both – is best suited to an organisation's requirements for security and data availability.
It is also crucial to understand how the principles of air gapping can be applied not only to technology – but to the people and processes within an organisation.
Physical air gaps – complete physical isolation
Air gapping has historically involved creating a network with absolutely no connection to the outside world, effectively creating a bubble around sensitive systems and data. With information isolated and offline, only those with direct physical access can interact with it.
‘Physical’ air gaps like this are still employed today, particularly when watertight security takes priority over cost and practicality. A historic example is Russia’s FSO – responsible for Kremlin security – which famously switched to typewriters to keep their communications secret.
Similarly, some organisations continue to use tape storage to physically air gap their backups. While tape may seem like a slow and outdated technology, its low cost and inherently offline nature make it an effective option for archiving data.
This approach is clearly effective, but physical air gaps are difficult to manage and administer. Preventing remote access makes life more difficult for hackers and other cyber-criminals, but it also restricts your own capabilities. If you need to patch systems or resolve issues, you need to either physically travel to that air gapped system or temporarily open up access.
In the data protection world, physical air gaps increase Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs), as the data must be manually and securely transported. ‘Logical’ air gaps have therefore become much more popular for most applications.
Logical air gaps – technology-enabled separation
Logical air gaps are the most practical solution from an access and patching perspective. Through logical separation of production environments from backups, recovery data can be kept secure while a greater degree of access is maintained.
Separation can be achieved using network segregation techniques and access controls. Similarly, encryption and immutability respectively help to prevent data being accessed or changed. This, combined with other access controls and multi-factor authentication, enables logical air gaps to offer similar protection to a physical solution with fewer downsides.
Backup software vendors and managed service providers will offer various solutions to logically separate a cloud or online backup, each with its own benefits. This might involve removing the connection when backups or recoveries aren’t taking place, or other limitations over which processes can occur.
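As an added illustration (not code from the original article or from any vendor), the following toy model in Python shows the two logical air gap controls just described: a link to the backup repository that exists only during the scheduled backup window, and write-once objects that cannot be altered or deleted until a retention lock expires. The window hours, retention period and object names are assumed values.

```python
# Toy model, constructed for this example (not any vendor's product), of two
# logical air gap controls: a repository link that exists only in the backup
# window, and objects immutable until a retention lock expires. Denied actions
# are recorded so a defender can alert on them.
from dataclasses import dataclass, field
from datetime import datetime, timedelta


@dataclass
class LogicalAirGapRepo:
    window_hours: tuple = (1, 3)  # assumed backup window, 01:00 to 03:00
    retention: timedelta = timedelta(days=30)
    objects: dict = field(default_factory=dict)  # name -> (data, locked_until)
    audit: list = field(default_factory=list)  # denied actions, for detection

    def link_open(self, now):
        return self.window_hours[0] <= now.hour < self.window_hours[1]

    def _deny(self, now, action, name, reason):
        self.audit.append((now.isoformat(), action, name, reason))
        return False

    def _locked(self, now, name):
        return name in self.objects and now < self.objects[name][1]

    def write(self, now, name, data):
        if not self.link_open(now):
            return self._deny(now, "write", name, "link closed")
        if self._locked(now, name):  # write-once until retention expires
            return self._deny(now, "write", name, "retention lock")
        self.objects[name] = (data, now + self.retention)
        return True

    def delete(self, now, name):
        if not self.link_open(now):
            return self._deny(now, "delete", name, "link closed")
        if self._locked(now, name):
            return self._deny(now, "delete", name, "retention lock")
        self.objects.pop(name, None)
        return True


def demo():
    repo = LogicalAirGapRepo()
    t0 = datetime(2024, 1, 1, 2, 0)  # inside the backup window
    ok = repo.write(t0, "db-full", b"snapshot-1")
    closed = repo.delete(t0.replace(hour=14), "db-full")  # link is down
    locked = repo.delete(t0 + timedelta(days=1), "db-full")  # lock active
    expired = repo.delete(t0 + timedelta(days=31), "db-full")  # housekeeping
    return ok, closed, locked, expired, [entry[3] for entry in repo.audit]
```

A compromised production host outside the window finds no path to the repository, and even inside the window the retention lock refuses overwrites and deletions, with each refusal left in the audit list for alerting.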
The importance of an operational air gap
Having established the value of physical and logical air gaps, there is an argument to be made for a third solution. Either method, or ideally a combination of the two, ensures the resilience of your technology. But what about an air gap of your people and processes?
Our advice for introducing separation into your IT supply chain is to have one supplier delivering production IT and another looking after IT resilience. In practice, this adds an ‘operational’ air gap, which applies the principles established for technology to your wider business.
Backups should sit outside the domain of the organisation they are protecting, which is easy to achieve if you work with a managed service provider. Limiting access to that provider alone means a breach of the production environment cannot reach the backups.
Working with an external provider enables organisations to significantly reduce the likelihood of a successful attack through the introduction of diversity and separation. It's like escrow for your IT systems and data.