Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity Enterprise ServicesSecurity Leadership and ManagementLogical Security

Air-gapped advantages in a non-air-gapped world

By Dan Ciruli
Cybersecurity image

Image via Unsplash

August 31, 2023

Cybersecurity has become a top priority across virtually every industry sector, public and private — especially in light of recent research that shows cyberattacks are viewed as the United States’ greatest threat. As these threats grow more prominent, so does the need to create secure environments to limit the exposure of sensitive data. One of the best ways to minimize exposure to such threats is to isolate data by deploying environments that have no, or limited, connection to the internet — also known as an “air-gapped” cluster. While there are a host of challenges organizations are forced to deal with when creating an air-gapped environment for cloud-native applications, through careful planning, leaders can create an effective air-gapped environment that will limit exposure to breaches.

While there are some technologies that can’t be air-gapped, there are many opportunities and benefits for the technologies that can. This piece will outline a few key considerations organizations should take when adopting an air-gap-first mindset, and why this is an approach that, no matter the industry, companies should consider implementing to ramp up their security culture.

Why an air-gapped-first approach can help – even when you don’t think air-gap applies

It is an exciting time in technology, and nearly every enterprise is looking to move to the cloud, modernize, and innovate faster. Ubiquitous access to the internet and mobile applications have spurred the creation of more and more connected apps. This means that more and more services are deployed on clusters that need to place calls out to the internet and accept calls from the internet. Not only that, but in the world of containerization and Kubernetes, it is extremely common for deployments to be dependent on things like container registries. All of these trends have made it more and more common for clusters to be ‘connected.’ However, our increasingly connected world has opened up a host of new threats and organizations need to first prioritize protecting their environment. Ransomware, for example, is one threat that teams need to prepare for ahead of time, but it’s just one of many. 

There are obvious use cases for air-gapping: sensitive government data, data that lives in remote locations that don’t have consistent internet access (i.e. a cruise ship or a car), financial systems to prevent fraud, among others. That said, even when it may not feel like it applies, taking an air-gapped approach can provide significant benefits. It will force security leaders to think about exactly what needs to be exposed to the internet, rather than assuming that everything should be. There are many ways to air-gap, and the type of air-gap approach a business should take is really dependent on its specific needs. 

Where are the needs on the spectrum of air-gappedness?

Depending on organizational needs, different levels of air-gapping can prove to be successful. Below is an overview on when different types of air-gapping may be relevant for an organization:

  • 100% air-gapped: there are many times when full air-gapping is appropriate, such as if there are no connections available due to remote locations or regulatory reasons. Most commonly, fully air-gapped environments are found in situations in which classified information is involved. This type of air-gapping is the best choice for sensitive information and environments that need to be completely secure.
  • Occasionally air-gapped: often used in moving vehicles, occasional air-gapping make sense for cases such as cars or ships. As these vehicles are often in motion or in remote locations, the ability to occasionally air-gap is vital to their success.
  • Logically air-gapped: hybrid solutions such as logically air-gapping is best when there is a physical connection, but protects network-connected digital assets through air-gapping. This can help to secure your software supply chain by ensuring that the cluster cannot fetch images from the internet, it can help protect from intrusion by locking down ports and paths not necessary
  • Partially air-gapped: many companies can benefit from partially air-gapped infrastructures — one that provides the security of air-gapping while still exposing certain ports or paths for communication purposes. What’s key here is that this exposure is only by exception and therefore very controlled. This can allow information to still be reasonably accessible to the broader team, while still maintaining a level of security that protects this data.

Why security leaders should rethink their architecture to minimize security vulnerabilities

Any business that has big data centers is at risk because their entire organizations are exposed to cyber threats. Additionally, in an environment with a tremendous amount of complexity and growth, there are a plethora of new areas to protect. Taking security risks into account prior to creating an infrastructure is always best practice, but even established companies can take a step back and identify new ways that they can revamp their architecture to be even more secure. By first identifying what can be air-gapped or even intermittently air-gapped, businesses will be in a much better and secure position to protect their data. 

As teams continue to face new security threats, an air-gapped mindset can help approach the challenge of overcoming them and ultimately create a more secure environment. Whether an organization implements air-gapped or intermittent air-gapped measures is up to their infrastructure needs, the type of data they’re protecting, and ultimately what is feasible for and aligned with their business goals. 

KEYWORDS: cloud security cloud-based security data data breach data center security financial security fraud prevention ransomware

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Dan Ciruli is the VP of Product at D2iQ. 

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cyber Tactics Column
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

Laptop with coding on ground

Stepping Into the Light: Why CISOs Are Replacing Black-Box Security With Open-Source XDR

Gift cards and credit cards

Why Are Cyberattacks Targeting Retail? Experts Share Their Thoughts

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • airport-freepik1170x658v6.jpg

    Russia's air transport agency affected by cyberattacks

    See More
  • Cyber data breach

    Online Privacy During a Pandemic: New Challenges in a New World

    See More
  • cybersecurity-laptop

    Persistent data exposure is a much riskier problem in today’s remote world

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing