Ours is a deeply interwoven and inviolable world, which often means problems for the security of the company. According to IBM 2020 Cost of a Data Breach Report, an average cyberattack costs a business $ 3.86 million, and the average cost per breach in the United States is $ 8.6 million. There is good news, however,: Companies that invest in better network security infrastructure and policies, such as incident response and security automation, save $ 2 million to $ 3.58 million in the event of a breach. . While this does not work for all business models, vacuum networks can provide one of the highest levels of security to the corporate infrastructure when closely managed, thereby preventing many potential violations.
Readers also read: End-to-end encryption: important advantages and disadvantages
Take a look at air gap networks
An air gap network is a network that has been separated from other public and private networks with an effective “air gap”. This means that the air gap network is disconnected from the public internet, external email, and any other means of communicating directly from one network to another.
Consider this visual: If two mountains are separated by a valley, the only way to reach the other mountain is by direct path or transportation, which can be anything from bridge to bridge. helicopter that will take you there. The bridges and helicopters in this scenario illustrate the external network connections, such as public network access and email messages, that allow hackers to hook on and gain easier access to a private network.
But let’s say these two mountains are in a very isolated part of the world and there is no transportation or other access to cross between the mountains. The valley that separates them is an air hole, which few travelers will want to take the time and risk crossing. Likewise, adding an air gap between your private network and other public networks keeps most attacks away because the attack vector has been complicated by isolation.
The movement of data in an air-gap network can only occur through external, non-network means: hardware or removable media such as a USB stick can be used to transfer information to and out of an air-gap network, and transient devices like laptops can be allowed to connect to the idle network, but with very specific permissions. Think of them as hidden paths or special access means of transportation that only authorized travelers can use to gain access to your vacuum network. But these require a human with physical access to both machines, as well as proper authentication information.
Learn more about corporate networks: Understanding VPNs: The Pros and Cons of IPSec and SSL
How to ventilate a computer?
Air gap computers are very similar to air gap networks, but they are more focused on device and personal usage levels. The idea is to disconnect the individual device from any outside network or information, and it can be used for reasons ranging from increased personal privacy to improving the performance of off-grid applications.
In order to gap a computer, you will need to completely disconnect it from everything else. This means turning off WiFi and Bluetooth, disconnecting from the Ethernet cable, and checking that no other form of communication or data transfer is available. Air gap in a computer involves disconnecting cables and disabling all network hardware.
How To Stay Safe When You Can’t Air Gap: VPN vs. SDP vs. ZTNA: who won in 2020?
Vacuum networks are theoretically one of the highest forms of network security, as increased levels of isolation make it difficult to accidentally or intentionally move information to and from that network. Most hackers only have the skill or patience level to perform a remote network level attack, but the air gap almost requires them to gain direct in-person access to a network device. They can’t just jump off another network or connect through phishing communications, so most malicious actors will stop before they even enter your network.
However, there are valid and proven concerns about the actual physical security of air gap networks, namely which transient devices are allowed to connect to them. Who can tell what happens to a USB stick or laptop before, during and after it is connected to a vacuum network? What if an authorized user accidentally or intentionally uses this hardware to transport information (or malware) to and from the network? the Case of the Stuxnet worm from 2010 is a good example of how network hardware can cause damage, as this particular strain of malware has spread to Iranian industrial and nuclear factories via USB drives.
Network policies to secure air gap networks
Ultimately, vacuum networks are only secure to the extent that your networking and security policies are willing and able to put them in place. They can be almost foolproof if strict network policies are in place and constantly monitored by network administrators. Consistent monitoring should be applied especially to removable media, transient devices such as laptops and computers, modems and VPNs.
Here are some steps your network administrators should take to make their vacuum networks as secure as possible:
- Enforce strict policies on where empty network hardware can physically go, who can use it outside of designated physical areas, and how it can be used. It’s a good idea to limit these devices to top-level management, power users, and anyone else who absolutely needs that level of access.
- Invest in strong network monitoring practices and tools so that you can immediately detect users and devices if they override data access and sharing privileges.
- Develop a detailed description network audit checklist which can help you set and enforce policies for devices and users on the network.
Why overhead networks are important
While there are doubts about how efficient vacuum networks are today and how effective they are, as the growth of AI and IoT devices requires constant communication between private and public networks, there are still many benefits. in terms of security and workflow. in a vacuum network:
- Vacuum networks increase isolation and secrecy, thereby increasing security in high-risk scenarios and industries (i.e. government, military, etc.).
- You can easily protect and separate your highly secure programs that don’t need constant network access.
- Remote hacking is almost impossible; you have to be there, which makes it more difficult for hackers to access.
- Payment and control systems can be separate from the rest of the public or private network (s) used by your business.
In a world where security breaches cost businesses millions of dollars each year and major security breaches make the news almost every week, spacing your network is one of the many choices you have to protect. your data and your users against an increasing number of malicious programs. actors.
Security measures that can prevent cyber attacks: What lessons can CIOs learn from hacking the colonial pipeline?