Ever heard of air gapping? It’s an important technique to keep your systems secure, and your files and folders free of malware.
In other words, you should learn to do it, and implement it in your backup strategy immediately. Here’s why.
What is Air Gapping?
First, answer this. How do you remotely hack a computer that is not connected to the internet or a LAN?
Simple answer: you can’t. Air gapping, also known as an air wall or air gap, is the act of physically isolating a computer, network, or device from any form of internet or LAN access.
Around the world, crucial systems are typically air gapped. Examples are military and government computer networks and systems, stock exchange systems, life-critical systems (e.g. nuclear power plant controls), and the machines of journalists working with sensitive information.
On the flip side, extremely simple systems are air gapped by default, such as the engine control unit in your car or the electronic sprinklers for your lawn.
The moment these systems become connected to the public internet, they are no longer effectively air gapped. The rise of smart devices with Bluetooth, Wi-Fi, and cellular connectivity has left people with devices they believe are safely air gapped, when in reality they are quite easy to compromise. In short, the air gaps are imaginary.
How An Air Gap Can Help You
An air gapped computer or device is nearly impossible to compromise unless you’re physically there in person. While there are highly scientific means to compromise an air gapped computer, they usually involve standing no more than several feet away and using special devices to broadcast signals to unprotected USB ports.
In short, these are the sorts of things security nuts do in a lab to prove it can be done, and they are extremely unlikely to be used against your personal or business devices.
It’s a fantastic way to protect your important infrastructure. And there’s one place where it excels for businesses and organizations of all sizes. That is, in protecting your backups.
Your backups are made infinitely more secure by physically moving them off-site, removing them from public access, and making sure they are cut from internet or network access.
Specifically, it’s a cheap and highly effective way of protecting your server backups from ransomware. Most ransomware can travel through your systems with ease, slipping onto any device connected to another and locking your data down. The Achilles’ heel of ransomware is your ability to restore data from a backup, which defeats its attempt to hold that data hostage.
That means most ransomware is designed to slip into your local or network connected backup destinations, and make sure your backups are encrypted as well so you can’t use them.
Air gapping also stops your backups from being accessed by people who simply want your data. One example is a New York airport that recently believed its backups on a NAS were private, when in reality they had been exposed to the public internet for over a year. If the backups had been air gapped, this would not have happened.
What About Offsite and Cloud Backup?
Here’s the truth of it. Cloud and offsite backup offer an incredibly secure defense against ransomware. However, there are definitely ransomware variants that can not only encrypt your data onsite, but also compromise some cloud accounts (e.g. Dropbox, Google Drive, etc.).
That said, cloud storage is infinitely safer against crypto-ransomware than backing up your files to a local drive, NAS, or connected external disk. And the level of redundancy and safeguards it offers for your data can’t be overstated.
So does that mean air gapping is superior to cloud backup? Not so fast. It really depends on the scenario. There are some ransomware situations in which cloud backup is superior, and others in which air gapping has the edge.
Air gapping, if performed perfectly, offers an almost impenetrable defense against virus infections. There’s a reason military and government agencies air gap their important infrastructure. But that’s the caveat: when done perfectly. There is room for human error to mess things up, such as a device left plugged into the computer for a few hours before being rotated, or ransomware slipping into your media rotation before it is detected.
Cloud backup, however, is far more resilient against human error. When you send your data to the cloud, good backup software will only keep the connection live for the duration of the backup job, then remove or wipe the access key. This way, it’s impossible for a ransomware strain to seize the software and use it to upload itself into your cloud account. Cloud providers like Azure also offer safeguards when they detect unnatural activity on your account (such as complete deletion requests), providing you with an added buffer.
If ransomware has gone undetected and made it onto your backup destination, both approaches benefit from point-in-time backup, i.e. being able to roll your backup data back to a point at which the data wasn’t compromised.
Ideally, both solutions should be used side by side for maximum protection. This is especially true in light of the other cons of air gapping, as we discuss below.
The Cons of Air Gapping
The downside of an air gapped computer, system, or backup is exactly the same as the reason they’re so effective: they’re labor intensive to access.
For instance, if you want to transfer data to air gapped systems, you’ve got to copy that data to physical media, then travel to the closed system and upload it. The same goes if you want to transfer data off that device. In short, you sacrifice speed for security.
Air gapping alone also needs to be set up properly to protect you from internal threats. Most businesses and organizations don’t realize that one of the biggest threats to their data is internal attackers, specifically disgruntled or inept employees. Transferring your whole server onto an external hard drive and taking it off site protects you fantastically from malware, but what if that individual takes the backups home and opens them, or leaves the drive on the bus?
Just like using public or private cloud, air gapping is one tool in your arsenal, and should not be the only step you take to secure your data.
There is also a misconception that air gapping is a particularly hard thing to do, and only employed by high-level enterprise businesses and government agencies, not small to medium businesses or organizations. This belief acts as an impediment, as people put air gapping in the “too hard” basket.
The Truth: Air Gapping Isn’t A New Idea
In fact, any IT pro worth their salt has already heard of something similar: the 3-2-1 backup strategy. In short, keep three copies of your data, two of them on different media, and take one offsite.
In that sense, it’s as old as mud. In fact, many people are already air gapping as a matter of course without realizing that such a fancy name applies to what they’re doing.
What Do I Need to Air Gap My Backups?
When you air gap as part of your backup strategy, you just add a small condition to that rule: make sure that either your offsite backup or your physical media isn’t remotely accessible. That means it must not be connected to a device that is reachable via the internet, and the device itself must not have networking capability. Make sure it’s only physically accessible, and even then, only by a trusted party.
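As an added example that is not from the article or from BackupAssist, the following Python script encodes the 3-2-1 rule plus the air-gap condition above as a check over a backup inventory, and also flags the human-error case mentioned earlier (removable media left plugged in beyond the backup window). The copy names, media labels, and the one-hour attach window are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional


@dataclass
class BackupCopy:
    name: str
    media: str                          # "disk", "nas", "tape", "rdx", "cloud", ...
    offsite: bool
    networked: bool                     # reachable over LAN/internet while in use
    attached_since: Optional[datetime]  # None = physically disconnected right now


def is_air_gapped(copy: BackupCopy) -> bool:
    """Air gapped means no network path at all and not currently attached."""
    return not copy.networked and copy.attached_since is None


def overstayed(copies: List[BackupCopy], now: datetime,
               window: timedelta = timedelta(hours=1)) -> List[str]:
    """Names of removable media still plugged in longer than the backup window."""
    return [c.name for c in copies
            if not c.networked and c.attached_since is not None
            and now - c.attached_since > window]


def check_321_air_gap(copies: List[BackupCopy], now: datetime,
                      window: timedelta = timedelta(hours=1)) -> List[str]:
    """Return a list of findings; an empty list means the policy is satisfied."""
    findings = []
    if len(copies) < 3:
        findings.append(f"only {len(copies)} copies, need 3")
    if len({c.media for c in copies}) < 2:
        findings.append("all copies on one media type, need 2")
    if not any(c.offsite for c in copies):
        findings.append("no offsite copy")
    if not any(is_air_gapped(c) for c in copies):
        findings.append("no copy is currently air gapped")
    for name in overstayed(copies, now, window):
        findings.append(f"{name} attached longer than the backup window")
    return findings


# Constructed sample inventory (hypothetical, not from the article).
NOW = datetime(2024, 1, 1, 9, 0)
SAMPLE = [
    BackupCopy("local-disk", "disk", False, True, NOW),
    BackupCopy("office-nas", "nas", False, True, NOW),
    BackupCopy("usb-monday", "disk", True, False, NOW - timedelta(hours=5)),
    BackupCopy("cloud", "cloud", True, True, NOW),
]
# Same inventory after the USB drive has been unplugged and taken offsite.
GOOD = SAMPLE[:2] + [BackupCopy("usb-monday", "disk", True, False, None), SAMPLE[3]]

if __name__ == "__main__":
    for finding in check_321_air_gap(SAMPLE, NOW):
        print("FINDING:", finding)
```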
You also need backup and disaster recovery software that can back up to multiple types of media. For example, BackupAssist allows you to back up your physical and virtual environments to most modern media: local and external hard disks, NAS, iSCSI, RDX and tape, as well as public and private cloud backup. Since it also offers 256-bit AES encryption, you can use a single piece of software to implement a strong 3-2-1 strategy that involves air gapping your backups.
Also, it’s worth noting that just because you can’t air gap a NAS, it doesn’t mean it’s a redundant place to store your backups. A NAS backup destination offers high availability for quick data recovery, which is particularly important if you don’t want to trek off-site just to restore a few Exchange e-mails, or you’re experiencing a time-sensitive outage.
So, are your important systems and backups air gapped?
An excellent article. But how do you air gap your backups without paying staff to visit your data centre / server room twice a day to plug in and unplug your USB or NAS device? Has anyone invented a device that can plug/unplug a USB or Ethernet cable with a secure API that backup software can access? For security maybe the device can only be told to unplug via the API and the “plug-in” command can only be issued by a built-in, standalone timer. 🙂
With all that said, what if ransomware comes alive when the backup is being performed? The device will be accessible! Rotating physical devices or cartridges each night is critical. How many small businesses or teams do that?
Hi Gary!
The labor intensiveness probably varies depending on the distance between your server room / data center and your main base of operations. If we’re talking about a trusted person just going into your on-site server room and plugging in a USB device, then it probably only takes 10 – 15 minutes. But if it’s more than that, it’ll clearly take longer, which is why we said in the article it’s one of those ‘security at a cost’ solutions. 🙂 And you’re absolutely right, rotating physical data and cartridges each night is important! (A catch we should have really put in the article, and I may edit in later).
That said, there are actually data courier services for your backups – professionals who come on site with metal cases and vans who take your backups to a secure offsite vendor. So perhaps that’s a decent stand-in for an automated plugging-unplugging device? The problem is, anything automated and software controlled kind of defeats the point of air gapping. BackupAssist does auto-eject certain types of media (RDX, Tape), creating an ‘air gap’ since it’s not connected. Other sorts of media can be auto selected to eject, but it doesn’t create a physical air gap.
In terms of ransomware being alive when a backup is being performed, as you said, device rotation pretty much mitigates that risk. And to answer how many teams and businesses do that – not enough!