NEW: Antivirus AI Mac is now availableDiscover now →
English
Deutsch Español Français Italiano Português Русский العربية हिन्दी 日本語 简体中文
Shop
For Home
Your privacy.
Uncompromised.
Real-time AI security for Android, iPhone, Mac and Windows. Independently certified and multiple award-winning.
Explore our products
AndroidAndroid
Anti Spy newfree
Detect & block spyware
Antivirus AI newfree
Real-time AI protection
Firewall AI free
Control network access
Camera Guard free
Monitor camera in real time
Micro Guard free
Protect microphone from spying
iShredder newfree
Permanently delete data
iOSiOS
iShredder iOS new
Securely delete photos & files
MacMac
Antivirus AI Mac free
Virus protection for macOS
Camera Guard Mac
Monitor camera in real time
iShredder Mac
Certified file deletion
iShredder iOS
Also runs on Apple Silicon Macs
iLocker Mac
Encrypt & lock apps
WindowsWindows
iShredder Windows
Certified data erasure
iShredder Server
For servers & IT teams
iShredder Technical
23 certified erasure standards
Your Privacy
For Business
Security for
your organization.
Certified data erasure and security for SMBs, government agencies and enterprises – fully GDPR-compliant.
Explore business solutions
Android & iOS
iShredder Business b2b
Securely wipe multiple devices
iShredder Enterprise
MDM integration & certificates
Windows Server
iShredder Server b2b
Wipe servers & RAID arrays
iShredder Technical
Bootable, 23 certified erasure standards
For Defense
Defense Solutions
Defense Solutions gov
Trusted by government agencies & defense organizations worldwide
Your PrivacyOur Customers
About Us
Shaping Security
since 2004.
We protect the privacy of over 8 million people worldwide – independently, transparently, without unnecessary data collection.
Our story
Company
About Protectstar
Who we are & what drives us
Our Philosophy
Security as a human right
Why Protectstar
Certified & award-winning
Your Privacy
How we protect your data
Environment
Our commitment to the planet
Team & Press
Our Team
The people behind Protectstar
Founder's Message
Vision & mission first-hand
Press Center
Media, logos & press kit
Customer Voices
What our users say
Intelligence
Artificial Intelligence
Artificial Intelligence
On-device AI detecting new threats in real time
iShredding
iShredding
23 certified erasure standards
For Home
For Business
About Us
FAQ & SupportBlog
Language / Region
Shop

What is an Air Gap? Understanding the Concept

What is an Air Gap? Understanding the Concept
August 14, 2023

An Air Gap is a mechanism designed to isolate two or more computing systems or networks of varying trust levels, especially when processing each other's data.

Recall the "Mission Impossible" scene where Tom Cruise suspends himself from the ceiling, attempting to extract data from a computer inside a top-secret vault in the CIA headquarters. With today's lens, one might wonder: couldn't he have just hacked the system remotely? The answer is no. An Air Gap safeguarded the CIA system – a standalone computer not connected to any network, requiring physical presence within a high-security room for its operation. Hollywood's portrayal might seem exaggerated, but it reflects a once-dominant belief: maintaining physical distance between a system and any potential access is the best protection.

However, times have changed. Air Gaps still exist, and some industries find them indispensable. Yet, maintaining them has become challenging over the past two decades. To comprehend their continued relevance, it's essential to understand their concept, strengths, and weaknesses.

At its core, an Air Gap is a security measure. It aims to create an impervious barrier between digital assets and malicious actors. These threats could be hackers, viruses, insiders, power outages, or natural disasters. The most straightforward Air Gap is established by disconnecting a digital asset from all network connections and maintaining a physical distance from anyone potentially attempting to access it.

Interestingly, the Air Gap concept extends beyond IT. Building codes prescribe air gaps between water sources and drains, and in electrical engineering, a gap is mandated between moving parts in an electric motor.

Air Gaps primarily serve two security objectives: protecting against network or system intrusions and shielding digital assets from damage, access, or tampering. These goals often overlap but are distinct. For instance, storing backup tapes in a salt mine is an Air Gap method that protects data from unauthorized access. The rationale: if our systems get compromised or destroyed, we can restore them using data preserved in an Air-Gap-protected environment.
Air Gaps are perceived as the ultimate protective measure for many security professionals. After all, if an attacker can't even access a system or network, how can they harm it? Air Gaps are prevalent in high-security sectors like the military, finance, and utilities.

Originating from IT, networking, and security domains, an Air Gap refers to a security paradigm that logically and physically segregates IT systems. These systems aren't connected to external networks like the internet or local networks, nor to other IT systems. Data transfer between isolated systems is unidirectional, usually using portable storage devices.
 

Limitations and Vulnerabilities of the Air Gap System
While the Air Gap concept offers enhanced security, it isn't foolproof. A malefactor could gain unauthorized physical access, manipulate the system, or steal data using portable storage. Moreover, there exist methods to bypass an Air Gap through side-channel attacks, extracting information remotely from processor sounds, hard drive noises, electromagnetic radiation, temperature fluctuations, and more.
 

Applications of the Air Gap System
Air Gaps are ideal for protecting highly sensitive IT systems. Typical applications include:

  1. Military or intelligence computer systems
  2. Control systems for critical infrastructure.
  3. Systems in the financial and stock trading sectors.

Other uses include:
• Medical facilities like hospitals

• Scientific and research institutions

• Nuclear power plants

• Aviation safety environments

• Vehicle control systems


Drawbacks of Implementing an Air Gap
While Air Gaps enhance security, they also introduce unique challenges. Their security is contingent upon preventing unauthorized physical access. Data exchange becomes cumbersome, typically reliant on external storage devices like USB drives. Moreover, their surveillance becomes considerably more challenging. Lacking network connectivity means they cannot be integrated into network-based monitoring solutions.

Implementing an Air Gap often involves a process wherein data is transferred using a portable storage medium. This ensures system isolation and guarantees one-directional data transfer. However, Air Gaps have been shown to be bypassed using various techniques since November 2013. These include covert acoustic networks, using a computer's graphics card to produce radio signals, temperature variations, spying through GSM devices, hard drive sounds, optical transfers via tampered hard drive activity lights or LEDs, using a PC's processor to emit radio waves, and even manipulating network cables to produce radio signals.

 

The Practicality of Air Gaps in Cyber Defense
Today, the best approach is to view Air Gaps realistically. When applied correctly, they are very effective. However, it's a mistake to assume that "data is Air-Gapped, thus it's secure." It's essential to carefully assess desired outcomes, risks, and vulnerabilities for specific Air Gap use cases. Physical separation isn't always necessary. When used appropriately, an Air Gap provides a robust layer of cyber defense.

Was this article helpful? Yes No
5 out of 5 people found this article helpful
Cancel Submit
Back Go back