Isolation is a vital cybersecurity tactic in system design and architecture (SDA). Its goal is to safeguard sensitive data by limiting external access. It includes concepts such as air-gapped systems and disconnected environments.
Disconnected or isolated environments are networks or systems intentionally void of internet connectivity to ensure security requirements. Some systems or components require disconnection because they handle sensitive data or operate under stringent regulatory compliance. Disconnecting these systems from the internet reduces potential cyberattack avenues, enhancing overall security posture.
This isolation is often achieved logically using virtual local area networks (VLANs), non-routable subnets, and firewalls. Such systems can share the same networking infrastructure as their internet-connected counterparts yet remain distinct and secure.