October 23, 2022

Denying the enemy entry – anywhere, at any time

Denying the enemy entry – anywhere, at any time

Initially published here:–management/denying-the-enemy-entry—anywhere-at-any-time

Stephen Kines at  Goldilock argues that, with the ability to pull up the drawbridge at any time, next-generation air-gapping is a security game-changer

Connectivity comes with risks. As digital networks and systems become ever more integrated through IoT and cloud computing, an ‘always on’ culture has become embedded in both our organisational and personal lives. This is causing many to question whether we are truly benefitting from hyper-connectivity, or whether we have become its slaves.

From a cyber security perspective, the implications of 24/7/365 connectivity are even more far-reaching. New hybrid and remote working patterns have led to enterprise attack surfaces expanding, giving cyber criminals bigger targets to hit.

All the while, cyber attacks continue to grow in frequency, complexity, and ruthlessness. The number of ransomware attacks reported to the UK’s data watchdog and financial regulator doubled in 2021, and more recent events in the geopolitical sphere have brought a whole new range of cyber threats to the forefront.

It is time for businesses to confront some difficult truths. As long as systems are connected all the time, they will be vulnerable all the time. And there is no shortage of avenues for hackers to exploit.

However, organisations need to balance their operational needs with the protection of mission critical networks and assets by placing them behind an impenetrable barrier to prevent unauthorised access by bad actors. How? By leveraging the latest air-gapping technology to strategically disconnect whenever needed.

The power to disconnect

Air gapping involves completely isolating a computer or network and preventing it from being accessed or establishing an external connection. As even the most sophisticated cyber criminals cannot argue with the laws of physics, this move renders data and systems inaccessible to remote hackers and therefore ‘unbreachable’.

This explains why it was traditionally used exclusively where there was risk of death, such as in nuclear power stations or utilities, oil and gas. Essentially, anywhere something could go bang with catastrophic consequences, there was an air gap in use. But things are very different now.

Of course, permanent disconnection would plunge most businesses back into the Dark Ages. But next generation air gapping solutions give organisations the freedom to connect and disconnect ‘on demand’, allowing them to exercise total control over when and where their most valuable digital assets can be accessed.

For many businesses, this amounts to pulling the cables on connectivity outside of core office times. After all, the cyber security benefits of simply disconnecting data and systems from the internet after hours are self-evident.

Air gaps serve several security use cases. Fundamentally, they defend against unauthorised intrusion into a network or system. But through physical network segmentation, they also minimise the risk of digital assets from being destroyed or manipulated in the event of an internal attack.

By making backups that are stored offline, businesses can add an extra layer of security to their operations. In the event of a ransomware attack, many organisations suffer financially through longer recovery.

As ransomware can specifically target backups, this makes the whole recovery process more challenging. But air gaps enable the physical isolation of data that can remain at hand, yet be as secure as if it were stored off site.

Taking back control

In today’s fraught cyber security landscape, it is easy to feel like the criminals hold all the cards. However, air gapping gives businesses the power to plan their strategic disconnect by segmenting parts of their time and space to protect systems.

Legacy air gaps do have some advantages. Rather than laying software upon software, organisations can segregate and completely isolate their operations as and when they need. If they schedule the manual switching around their daily operations, they can mitigate the risks of hyper-connectivity whilst balancing risk.

But the legacy air gap has a huge drawback: you need to be within proximity of the device to manually switch the network connections. Can you think of any modern IT environment being able to accommodate this without major frustrations from its users or impatient shareholders?

The best air gapping solutions let businesses operate the air gap remotely. They still pull the cables and instantly sever device connections on demand, but just not from inside the same room. How? By leveraging SMS, a trigger mechanism beyond attack visibility. This non-internet trigger is therefore unhackable over the internet – yet is still controllable remotely by the business.

Remote control is an essential tool in the event of a zero-day attack when time is of the essence. Business leaders can also control employee access in a secure manner, where multiple authorised parties can allow availability using the same system but their own segregated controls.

Not only does this ensure that remote and hybrid employees can access data outside of office hours if needed, but it also cuts off the air supply for cyber criminals and enables organisations to shrink their attack surface to near zero.

Air-gapping 2.0: a 21st century solution

Air gaps have been around for a long time, and they often still conjure up images of being sat alongside mainframe computers and archaic floppy disks. But the world has moved on since then, and so has air-gapping technology.

Some systems that purport to be ‘air gapped’ actually have internet connections hidden behind layers of management software and integrated systems. This ultimately gives businesses a veneer of protection whilst leaving them vulnerable to escalating cyber-attacks.

Connected equals insecure, remember. It is now vital for organisations to find more use cases where impenetrable physical separation as a defence against the most sophisticated threats is a strategic advantage, not an obstruction.

Next generation air gaps seamlessly blend into existing IT environments, as they are Layer 1 – the physical layer. They eliminate the need for costly forklift upgrades, whilst giving businesses the peace of mind that comes with exercising full control of every attack surface.

The motivation to unplug is currently soaring. Therefore, having the freedom to physically connect and disconnect to the internet whenever and wherever needed – without going online to do so and without using a hackable internet trigger – is a security game-changer at a time when cyber threats are at an all-time high.

Next generation air-gapping lets businesses maintain a much-needed additional layer of physical cyber security with none of the inconvenience or constraint.

Stephen Kines is COO at Goldilock