Air Gap

In networks, air gap is a type of security where the network is secured by keeping it separate from other local networks and the Internet. While this provides security, it also limits access to the network by clients.


Portions of this definition originally appeared on CIO Insight and are excerpted here with permission.

How do air-gapped networks work?

In a typical network, users are able to connect to and transfer data in a network using external connections, such as public network access and emails. However, these connections make it easier for hackers to gain access to a private network.

In comparison, air-gapped networks require external, non-network means of transfer for data movement to happen. These methods may include removable hardware or media like a USB drive and transient devices like laptops. Both require a human with physical access to both machines along with the proper authentication credentials.

As few are willing to take the time and risk once the attack vector has been complicated through isolation, adding a gap of air between private and public networks deters most attackers.

How secure are air-gapped networks?

Air-gapped networks offer a high form of network security, as the isolation of the network makes it difficult for information to accidentally or purposefully be moved to and from the network.

Moreover, air gapping deters attackers since they need in-person access to a network device rather than being able to hop over from another network or to get login credentials through phishing.

Despite these deterrents, there are still several valid concerns regarding the physical security of air-gapped networks. The transient devices allowed to connect to the network can get lost or stolen, and authorized users may accidentally or purposefully use transient devices to carry information or malware to and from the network.

The Stuxnet worm case from 2010 is a strong example of how network hardware can cause damage, as that particular strain of malware spread to Iranian industrial and nuclear plants via USB drives.


Go deeper on the security of air-gapped networks | CIO Insight

Why are air-gapped networks important?

While there are concerns about the current and future effectiveness of air-gapped networks, especially since the growth of AI and IoT devices requires always-on communication between public and private networks, there are still many security and workflow advantages, such as:

  • Air-gapped networks increase isolation and secrecy, which increases security in high-risk scenarios and industries such as the government and military.
  • Companies can easily protect and separate highly-secure programs that don’t need constant network access.
  • Remote hacking is nearly impossible; hacking is made difficult by requiring attackers to be onsite.
  • Payment and controls systems can be kept separate from the rest of a business’s public or private networks.

As security breaches and their costs are on the rise, an air-gapped network can be a great way to ensure the protection of data and users from a growing number of cyber threats.

Shelby Hiter
Shelby Hiter
Shelby Hiter is a writer with more than five years of experience in writing and editing, focusing on healthcare, technology, data, enterprise IT, and technology marketing. She currently writes for four different digital publications in the technology industry: Datamation, Enterprise Networking Planet, CIO Insight, and Webopedia. When she’s not writing, Shelby loves finding group trivia events with friends, cross stitching decorations for her home, reading too many novels, and turning her puppy into a social media influencer.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.

Related Articles

Virtual Private Network (VPN)

A virtual private network (VPN) encrypts a device's Internet access through a secure server. It is most frequently used for remote employees accessing a...

Gantt Chart

A Gantt chart is a type of bar chart that illustrates a project schedule and shows the dependency between tasks and the current schedule...

Input Sanitization

Input sanitization is a cybersecurity measure of checking, cleaning, and filtering data inputs from users, APIs, and web services of any unwanted characters and...

IT Asset Management Software

IT asset management software (ITAM software) is an application for organizing, recording, and tracking all of an organization s hardware and software assets throughout...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...