Glosarium

Air Gap

Hard

If data cannot be accessed, then it cannot be infected or corrupted — this is the concept of an air gap.

What Is an Air Gap?

The concept of an air gap refers to the following: if data cannot be accessed, then it cannot be infected or corrupted. Within the IT industry, this is typically implemented as a duplicate copy of production data on a secondary storage system, which is offline, and as such is not connected to any production or public networks. However, in practice, this extra data copy is protected from attacks alongside corruption as long as the gap is maintained.

Companies will typically rely on this air gap data as a copy of the last resort. The air gap typically augments existing backups, recovery and disaster recovery strategies with the intention of providing an added layer of protection.

However, alongside this, you also have the benefit of enabling rapid recovery in the case of a large attack.

Many vendors use this as a strategy to entice customers to purchase twice as much hardware, one for production and another for the air gap, which can lead to a higher level of costs. This high cost has limited the adoption when it comes to traditional hardware air gap strategies.

When it comes to the types of air gaps, you have an array-based air gap, a backup-based air gap and an object-based air gap.