So I have a situation where I would like to keep data secure. In my mind if I’m working on a computer that has no network connection, this is the safest.
However, I may from time to time need to transfer data to this machine, which introduces a vulnerability. Any thoughts on how I could minimize the risk in this case?
Are you concerned about sensitive data leaving the PC or some sort of infection (like a crypto-locker) being brought onto it? Also, what is your threat level? Are you likely to be targeted specifically?
With an airgap, it would be pretty difficult to get data off of it without being onsite. The most important things would be physically securing the device (locked room), using full disk encryption, and using some sort of 2-factor login system. (hardware security key, like a yubikey ideally).
Securing against infection is nearly impossible, as stuxnet showed. Your best bet to beat these is some common sense security with what you’re transferring and lots of backups. If you do find an infection, you just blow the whole system up and restore from a clean backup.
Thanks for this reply, definitely giving me things to think about that I never would have thought to ask.
I would be concerned with both sensitive data leaving, and an infection being brought onto it during a file transfer.
Again, I appreciate you, and this all makes a lot of sense.