Among all the methods for securing digital data, the policy of air-gaping is certainly the most extreme.
Drastic Measures
As it’s name would imply, air-gaping is a security protocol that physically isolates a machine from a network. Air-gaping most commonly involves cutting off a computer from the World Wide Web, but it can also be used to separate a machine from local area networks (LANs) as well. This form of air-gaping means that a computer is completely disconnected from any other device and is usually reserved for machines containing extremely sensitive data.
Understandably, air-gaping is mostly implemented in industries that deal with high value information. Systems that use air-gap security protocols include nuclear power plant controls, military networks, and computerized medical equipment. However, many private firms have also been known to utilize air-gaping to secure their more sensitive data assets.
In addition to minimizing threats of malware and other attacks that can damage a network, air-gaping goes a long way in preventing data loss. The digital avenues by which data normally leaves a machine are all closed off for an isolated computer.
But air-gaping is far from full proof.
The Impenetrable Wall?
Over the recent period–the past two years specifically–researchers have been uncovering more and more ways by which air-gaped computers can be breached. Some of these techniques are rather creative. Unconventional channels such as noise, LED light signals, and even changes in temperature emanating from a machine, have all been used to extract data from computers completely detached from any network.
While many of the methods involve sophisticated hacking methods and equipment, there are also much more simple ways of attacking an air-gaped machine. Even a computer in isolation can have information physically extracted by someone with direct access to it. And it is this risk that administrators need to worry about the most. The modern work space is an environment with dozens or even hundreds of employees with constant access to work stations. The possibility of a user pulling data with a CD, flash drive, or other USB device, presents a clear and actual risk.
Preventing Data Loss the Smart Way
Instead of resorting to the extreme measure of physically isolating machines, administrators can secure their data from exfiltration the smart way.
GTB’s Data Protection That Works offers the highest assurance in data loss prevention. GTB’s solutions provides a fully scalable, user friendly platform to ensure companies keep a handle on their most important information assets–where the data is and where it’s going.
With GTB technology, businesses can bring security to their data environment without resorting to methods that will, overall, impede their operations.
adroll_adv_id = “UIOFH72HVBDSPBBLAJUZE6”;
adroll_pix_id = “HNO2CUNA4BAINCHLEPH2JH”;
/* OPTIONAL: provide email to improve user identification */
/* adroll_email = “username@example.com”; */
(function () {
var _onload = function(){
if (document.readyState && !/loaded|complete/.test(document.readyState)){setTimeout(_onload, 10);return}
if (!window.__adroll_loaded){__adroll_loaded=true;setTimeout(_onload, 50);return}
var scr = document.createElement(“script”);
var host = ((“https:” == document.location.protocol) ? “https://s.adroll.com” : “http://a.adroll.com”);
scr.setAttribute(‘async’, ‘true’);
scr.type = “text/javascript”;
scr.src = host + “/j/roundtrip.js”;
((document.getElementsByTagName(‘head’) || [null])[0] ||
document.getElementsByTagName(‘script’)[0].parentNode).appendChild(scr);
};
if (window.addEventListener) {window.addEventListener(‘load’, _onload, false);}
else {window.attachEvent(‘onload’, _onload)}
}());