How Air-gapping can boost your Data Protection

In one of our recent articles, we saw how important it is to devise robust BCP / DR policies and procedures for software platforms. One of the key concepts for BCP /DR is Data Protection with Air Gapping.

Let’s get a deep dive into it.

For those who are unaware, Air Gapping is a data backup strategy. It is a backup copy stored in a separate storage environment which is not accessible, essentially it is stored in an offline environment. The strategy involves ensuring you have a copy of your data always offline and not accessible. Since they are offline they can not be hacked or stolen or corrupted easily by a remote connection.

3-2-1 Backup Strategy :

  • Air-gapping plays critical role in 3-2-1 backup strategy which is an accepted best practice in data protection.
  • It means storing 3 copies of data, on 2 different storages with 1 copy being offline.
  • Since the last 1 copy is offline, it is protected against cyber attacks and ransomware attacks.

Why is it widely accepted and reliable best practice?

Firstly, air-gapping ensures at least one copy is prevented from loss. Secondly, you can rely on restoring this copy because there would be less chances of data integrity issues, it being offline and disconnected. Even if primary copy gets compromised, this backup copy is always available. Even if someone hacks into the network, they will not be able to reach to this copy unless they are physically present at the location.

How to air-gap your data backups?

  • Physical : This type includes totally isolating backup copy from network. So administrators must physically perform backup and restores. Requires high level of security.
  • Segregated: This type includes storing backup at same location of production environment but it is not connected with the network.
  • Logical : This type includes logical isolation by implementing role-based access control mechanisms, or by storing in a separate cloud storage account, or separate region.

Some key aspects to consider

Although air-gapping provides a very strong data protection and recovery mechanism, there are some key aspects each organization must consider before implementing it.

  • It requires more operational involvement leading to increased RPOs and RTOs.
  • It increases the need for high-security of physical location to prevent theft.
  • Timing of data backup is important, if the attack was not detected at the time of taking backup, it would get replicated.

It is true that each organization and software platform needs to devise its own data protection strategy, but air-gapping can definitely be a part of it.

How are you ensuring your data is protected and easily recoverable in case of disaster?