![]() Just one connection with the outside world creates a single point of failure for malicious actors to exploit and even with no direct connection there are ways “in”. as employees circumvent cumbersome requirements by relying on their private (and often insecure) email.įurthermore, the “air gap” itself can be circumvented. Indeed, a poor cybersecurity culture within any organization means social engineering or human error can give malicious actors a way into a system, e.g. Moreover, the assumption of being safe on the other side of an “air gap” can mean staff and management take essential security basics for granted. For one thing, being disconnected from threats frequently means being disconnected from cybersecurity innovation, let alone mundane security tools such as patches. The benefits of smart cities and smart nations will be significantly diminished if governments forsake cloud and IoT benefits in the name of network separation.įinally, even network separation’s security benefits are not foolproof. And many government services and systems that are meant to interact directly with citizens are likely to be slowed and made more cumbersome by separation protocols. Having to turn attention and move information between different devices, some separated and some not, would be time consuming at best and confusing at worst. An “air gap” creates barriers to the outside world, which most government workers need to best serve their constituencies. Network separation can also harm efficiency, productivity and usability. Costs increase further because software maintenance cannot be done by a remote centralized hub, whilst physical maintenance is more time consuming. This largely unused capacity is effectively wasted, whereas a non-separated network could simply use temporary cloud resources to “scale up” when needed. That network needs to be built to deliver the foreseeable peak demand, which might only occur every now and then. An “air gap” demands creating a whole new network with standalone servers, routers, switches, management tools, etc. Looking at costs alone, creating separate networks means increased expenditure of limited resources and reduced economies of scale. However, as governments consider implementing network separation more broadly, that cost/benefit calculation must change. The potential consequences of these systems being compromised are sufficiently bad to justify any downsides that network separation might introduce. classified military networks or nuclear power plants. Network separation is an established and recognized security practice in critical sectors, e.g. I’m going to use this blog to look a little more closely at these issues. Overall, network separation is out of step with a world where systems’ interconnectivity is underpinning innovation driven by cloud computing and the Internet of Things (IoT). These include: costs of implementation and maintenance diminished productivity and, perhaps counterintuitively, degradation in some key aspects of security. In my experience, however, network separation has its place in the governments’ cybersecurity toolkit but it also suffers from significant drawbacks. 100% protection, because cyberattacks can’t cross the “air gap” to reach their target. Why? It promises the holy grail of security, i.e. the physical isolation of sensitive networks from the Internet, has been floated as an essential cybersecurity tool. In some of my recent discussions with policy-makers, network separation, e.g. Endpoint management Endpoint management.Microsoft Purview Data Lifecycle Management.Microsoft Purview Information Protection.Information protection Information protection.Microsoft Priva Subject Rights Requests.Microsoft Purview Communication Compliance.Microsoft Purview Insider Risk Management.Risk management & privacy Risk management & privacy.Microsoft Defender External Attack Surface Management.Microsoft Defender Cloud Security Posture Mgmt.Microsoft Defender Vulnerability Management.Azure Active Directory part of Microsoft Entra.
0 Comments
Leave a Reply. |