Air Gap

Why Trust Techopedia

What is an Air Gap?

An air gap is a security measure that isolates a digital device, computer system, or local area network (LAN) from other devices, systems, and networks, including the Internet. An air gap is also known as an air wall and the strategy of using air gaps to protect critical infrastructures and data is also known as security by isolation.

Advertisements

Air gaps are effective against remote attacks, but they don’t protect against threats that can be introduced physically. USB flash drives containing keylogger software can silently record data on an air-gapped system, and this data can be retrieved later on by retrieving the drive.

What is an Air Gap?

Key Takeaways

  • Air gaps physically or logically isolate sensitive data, systems, or networks.
  • The purpose of air gaps is to reduce the attack surface by minimizing the number of potential entry points.
  • The isolation that air gaps provide is especially useful for preventing or mitigating remote cyberattacks that rely on network connectivity.
  • Air-gapped systems are not fool-proof. They are still vulnerable to physical attacks, side-channel attacks, and supply chain attacks.
  • Organizations can create a more resilient defense against cyber threats by combining air gaps with other cybersecurity best practices.

How Air Gap Works

An air gap physically or logically separates a digital device, computer system, or network from other devices, systems, or networks.

Physical separation involves closing network ports, disabling Wi-Fi and Bluetooth connection options, and removing cables. Logical separations involve strict network controls and security policies that dictate when and how data to (or from) an air-gapped system can be exchanged.

In air-gapped environments, data transfers are often conducted through data diodes that enforce one-way data transfers. Alternatively, USB thumb drives or other external storage media can be used to transfer data manually.

Why are Air Gaps Used?

Air gaps are used to protect critical computer systems and the data they store.

For example, air gaps play an important role in 3-2-1 backups. This type of backup requires three copies. Two copies are stored on different types of storage media or separate devices, and the third copy is stored offsite. This way, if the network is attacked and the first two copies are compromised, administrators can use the air-gapped copy to restore data quickly.

Other popular use cases for air gapping include:

Types of Air Gaps

Air Gaps Types

Air gaps can be categorized by the type of isolation they provide.

Physical air gaps
Prevent a digital device, system, or network from connecting to any other devices, systems, or networks.
Logical air gaps
Use encryption, network security controls, and access control policies to virtually isolate sensitive data.
Operational air gaps
Can temporarily make connections for updates under strictly controlled conditions.  

How to Prevent Air Gap Breakthroughs

To safeguard critical systems and prevent air gap breakthroughs, it’s important to implement proactive measures that address common attack vectors. This means staying on top of the latest vulnerabilities and cyberthreats and implementing best practices to limit risk and harden security.

To maintain security, removable storage media should always be scanned for malware on a separate, secure system before it’s connected to an air-gapped system.

Faraday cages can be used to shield an air-gapped system from wireless attacks.

Faraday Cage

10 Ways to Protect Air-Gapped Networks

To protect air-gapped networks, it’s important to take the following proactive measures:

Air Gap Pros and Cons

Air gaps used to be the gold standard for protecting critical infrastructure. Before the Internet of Things (IoT), operational technology systems were isolated from information technology systems, and this created a natural air gap.

Digital transformation changed this, and while air gaps are still used to provide an additional layer of protection, they are no longer seen as impenetrable barriers.

Today, air gaps are used to limit risk by building defense in depth. Like all security strategies, however, air gaps have both advantages and disadvantages.

Pros
Cons
  • Air gapping is not immune to direct physical cyberattacks or side channel exploits
  • Because air-gapped systems are isolated, their maintenance can be cumbersome and time-consuming
  • When data transfers to air-gapped devices are conducted manually, it introduces the risk of human error
  • Maintaining multiple physical isolated environments or virtual air gaps can increase the complexity of system administration and security management

The Bottom Line

The definition of air gap is essentially the same whether you’re talking about air gaps in plumbing or air gaps in operational and information technology (IT). In both cases, the idea is to prevent unwanted interactions by separating one thing from another.

FAQs

What is an air gap in simple terms?

What is the purpose of an air gap?

How do you know if you need an air gap?

How does air gapping work?

What is the air gap in cloud computing?

Advertisements

Related Terms

Margaret Rouse
Technology expert
Margaret Rouse
Technology expert

Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret’s idea of ​​a fun day is to help IT and business professionals to learn to speak each other’s highly specialized languages.