(Air Gapped) Data Storage and security
-
Gentlemen - been a while since I have had time to sit down here, but was just asked a question which I don't know how to figure out.
Can you (how do you) Air gap and secure data and still be able to make it available to an (end user) without:
- USB devices
- Hand holding the data
- encrypted storage
I don't think it is possible to have it both ways. How do you work with the (CAD) data if it isn't on the network?
In some ways, I feel it's like the Schrödinger's cat paradox. I've no idea on this one.
-
@gjacobse why do you need to airgap the live data? Can't you focus on an appropriate backup strategy, and nuke and restore as needed from backup?
-
@DustinB3403 said in (Air Gapped) Data Storage and security:
@gjacobse why do you need to airgap the live data? Can't you focus on an appropriate backup strategy, and nuke and restore as needed from backup?
It's not so much about the backup strategy as it is security.
-
@gjacobse said in (Air Gapped) Data Storage and security:
It's not so much about the backup strategy as it is security.
Security from what perspective? An Airgap is meant to keep your systems and data separated. ACLs and the rule of least access should cover pretty much everything else.
-
@DustinB3403 said in (Air Gapped) Data Storage and security:
Security from what perspective? An Airgap is meant to keep your systems and data separated. ACLs and the rule of least access should cover pretty much everything else.
Agreed - Thus the comment about Schrödinger's cat... You can't have high (air gapped) security and access to it at the same time. Unless I've missed something here. Staff will need and want to have access to the project files when they need them.
I suppose 'one way' is to use the local machine to access a VDI, but even that has limitations when you are talking about large project files (CAD, DesignFlow, etc.)
-
@gjacobse said in (Air Gapped) Data Storage and security:
Agreed - Thus the comment about Schrödinger's cat... You can't have high (air gapped) security and access to it at the same time. Unless I've missed something here. Staff will need and want to have access to the project files when they need them.
I suppose 'one way' is to use the local machine to access a VDI, but even that has limitations when you are talking about large project files (CAD, DesignFlow, etc.)
When the government releases top secret documents they release redacted documents. So the original document can be securely stored and inaccessible.
If you think about it you could do the same with CAD data. The original might be a cad file but the user might have access to a redacted pdf version of it. For instance without critical measurements or whatever. CAD files have layers so it would be technically possible.
Another way would be to simulate a SCIF.
Which would be a secure place to view the document but you can't take it with you. Perhaps a dedicated viewing station would work. Many CAD systems have dedicated viewers that can view the original file but not edit the documents. Or you could use pdf documents here as well, both 2D and 3D are supported.
-
@Pete-S said in (Air Gapped) Data Storage and security:
When the government releases top secret documents they release redacted documents. So the original document can be securely stored and inaccessible.
If you think about it you could do the same with CAD data. The original might be a cad file but the user might have access to a redacted pdf version of it. For instance without critical measurements or whatever. CAD files have layers so it would be technically possible.
Another way would be to simulate a SCIF.
Which would be a secure place to view the document but you can't take it with you. Perhaps a dedicated viewing station would work. Many CAD systems have dedicated viewers that can view the original file but not edit the documents. Or you could use pdf documents here as well, both 2D and 3D are supported.
A simple way to implement a low level of this is RDS with all the "sharing" functionality disabled and no routing out from the RDS device except the RDS port.
Not the best but maybe something everyone can understand how it works. Obviously, that then lets you still screenshot, but meh. What are you actually trying to accomplish here?
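One way to audit, and with `-Enforce` apply, the RDS lockdown described in the post above, as an added example that is not from the thread or any poster. It assumes a standalone Windows RDS host that holds the data locally, RDP on the default TCP 3389, and an elevated PowerShell session; the rule display name is made up for illustration.

```powershell
# Added example: audit (and optionally enforce) "no sharing" on an RDS viewing host.
# Assumptions: standalone host, data stored locally, RDP on TCP 3389, run elevated.
param([switch]$Enforce)

# Terminal Services policy values; 1 means the redirection channel is disabled.
$tsPolicy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
$required = [ordered]@{
    fDisableClip     = 'Clipboard redirection'
    fDisableCdm      = 'Drive redirection'
    fDisableCpm      = 'Printer redirection'
    fDisableCcm      = 'COM port redirection'
    fDisableLPT      = 'LPT port redirection'
    fDisablePNPRedir = 'Plug and Play device redirection'
}

if ($Enforce -and -not (Test-Path $tsPolicy)) {
    New-Item -Path $tsPolicy -Force | Out-Null
}

$report = foreach ($name in $required.Keys) {
    # A missing key or value yields $null, which is reported as "not disabled".
    $current = (Get-ItemProperty -Path $tsPolicy -Name $name -ErrorAction SilentlyContinue).$name
    if ($Enforce -and $current -ne 1) {
        Set-ItemProperty -Path $tsPolicy -Name $name -Value 1 -Type DWord
        $current = 1
    }
    [pscustomobject]@{
        Channel     = $required[$name]
        PolicyValue = $name
        Disabled    = ($current -eq 1)
    }
}
$report | Format-Table -AutoSize

if ($Enforce) {
    # Default-deny in both directions, then allow only inbound RDP.
    Set-NetFirewallProfile -Profile Domain,Private,Public -Enabled True `
        -DefaultInboundAction Block -DefaultOutboundAction Block
    New-NetFirewallRule -DisplayName 'Viewer host: allow inbound RDP (example)' `
        -Direction Inbound -Protocol TCP -LocalPort 3389 -Action Allow | Out-Null
}

# Show the resulting defaults per profile.
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction |
    Format-Table -AutoSize

# Enabled outbound allow rules still override the default block, so list
# them for review; each one is a path off the host.
Get-NetFirewallRule -Direction Outbound -Enabled True -Action Allow |
    Select-Object DisplayName, Profile |
    Format-Table -AutoSize
```

Run without `-Enforce` first to see which redirection channels and outbound rules are still open; policy changes apply to new RDP sessions.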
-
@gjacobse said in (Air Gapped) Data Storage and security:
Gentlemen - been a while since I have had time to sit down here, but was just asked a question which I don't know how to figure out.
Can you (how do you) Air gap and secure data and still be able to make it available to an (end user) without:
- USB devices
- Hand holding the data
- encrypted storage
I don't think it is possible to have it both ways. How do you work with the (CAD) data if it isn't on the network?
In some ways, I feel it's like the Schrödinger's cat paradox. I've no idea on this one.
The two things are contradictory. You can't have live data that is also air gapped.
Is this some weird management request?
-
What's the actual request/requirement? We were airgapped but it was from the outside world. We still had an internal Network (actually multiple that were airgapped from each other). But you had to be in the building and at the correct systems to access the data.
-
@stacksofplates said in (Air Gapped) Data Storage and security:
What's the actual request/requirement? We were airgapped but it was from the outside world. We still had an internal Network (actually multiple that were airgapped from each other). But you had to be in the building and at the correct systems to access the data.
This was my thinking.
Users will need two computers: one for the air-gapped network and one for the internet network.
The real problem here is that I assume you’re making the CAD drawings for clients... so how do those in power propose getting the fl data from an airgapped system to the client?
-
Also, as JB said, screenshots/cellphone pictures are still a real risk... will people be checking their phones at the door?
-
@gjacobse said in (Air Gapped) Data Storage and security:
Can you (how do you) Air gap and secure data
Air-gapped from what? The internet? The LAN? Specific LAN subnets? No network connectivity whatsoever?
It depends on the above. If air-gapped from the LAN the users are on, obviously they can't access it from their system and will have to use something that is not air-gapped from it.
-
@JaredBusch said in (Air Gapped) Data Storage and security:
A simple way to implement a low level of this is RDS with all the "sharing" functionality disabled and no routing out from the RDS device except the RDS port.
Not the best but maybe something everyone can understand how it works. Obviously, that then lets you still screenshot, but meh. What are you actually trying to accomplish here?
This isn't airgapped.
-
@Dashrender said in (Air Gapped) Data Storage and security:
Also, as JB said, screenshots/cellphone pictures are still a real risk... will people be checking their phones at the door?
We did. We had company phones and weren't allowed private phones in the building. They disabled the camera and other functions on the phone.
-
@Dashrender said in (Air Gapped) Data Storage and security:
This isn't airgapped.
It is a view only access. That is effectively air gapped.
Nothing in this discussion is a true air gap.
-
@Dashrender said in (Air Gapped) Data Storage and security:
This was my thinking.
Users will need two computers: one for the air-gapped network and one for the internet network.
The real problem here is that I assume you’re making the CAD drawings for clients... so how do those in power propose getting the fl data from an airgapped system to the client?
We had what they call a media center. You requested a file or files in the media center and it was exported for you and tracked. Then it was copied to an encrypted media and you could send it out of the building.
-
@JaredBusch said in (Air Gapped) Data Storage and security:
It is a view only access. That is effectively air gapped.
Nothing in this discussion is a true air gap.
View only wasn't a given in the OP. Still not air gapped - as you said - screenshot from non-gapped machine of the RDP screen.
-
@stacksofplates said in (Air Gapped) Data Storage and security:
We had what they call a media center. You requested a file or files in the media center and it was exported for you and tracked. Then it was copied to an encrypted media and you could send it out of the building.
I'm not sure how this helps? What could you plug that encrypted media into for viewing/editing? If that was a totally controlled machine - what prevents it from being copied and redistributed? Of course you'd know who was responsible for that data at that time, so you could blame someone, but the data is still out there.
-
@stacksofplates said in (Air Gapped) Data Storage and security:
@Dashrender said in (Air Gapped) Data Storage and security:
Also, as JB said, screenshots/cellphone pictures are still a real risk... will people be checking their phones at the door?
We did. We had company phones and weren't allowed private phones in the building. They disabled the camera and other functions on the phone.
I had a client ask me about locking down things, not quite as bad as the OP, but bad enough. I asked them - you going to keep cellphones out? Are you going to prevent access to the internet? Are you going to prevent access to email, etc, etc, etc? If not, you're going way overboard on protecting this data.
They agreed that they were going overboard and backed down.
-
@Dashrender said in (Air Gapped) Data Storage and security:
I'm not sure how this helps? What could you plug that encrypted media into for viewing/editing? If that was a totally controlled machine - what prevents it from being copied and redistributed? Of course you'd know who was responsible for that data at that time, so you could blame someone, but the data is still out there.
You couldn't plug it in to your computer. It was given to you from the media center. Then you could send it to clients, who had the credentials to decrypt it.