You Want That Box 100 Percent Secure? Take It Off the Network
It's advice about as old as the practice of computer security.Its advice about as old as the practice of computer security. Though typically offered as a sarcastic comment on the impossibility of "100 percent security," it does represent a recognition of the primary source of security problems: the network connection. I knowits counterintuitive. Almost all of the hype and technological development of the past few years have focused on ways to increase network interactivity. And common business wisdom is that Internet accessibility is a "must-have" element in any and all new functionality. However, it is possible to physically isolate a trusted network from untrusted networks, like the Internet, without completely cutting off the trusted network. The trick is to interpose an agent between the two that can filter out unnecessary, sensitive or potentially dangerous data, and shuttle the remainder across the "air gap."
From a technical perspective, the simplest way to implement that strategy is to force human users to serve in that intermediary role. The basic approach is to construct a single internal network with access to the public Internet and one or more internal networks that have no physical connection, either to the first network or the outside world. Human users are given a separate machine for each network to which they have legitimate access. Resources on both networks are thus available to the user, but sensitive data cannot be transferred between them without direct and extensive local human intervention.