Beware of software-based security!

It may sound like an open door, but we don’t always realize it: virtual is synonymous with “not real” or “a reality created in memories of computers. Too often we think of “virtual” as reality, but that is certainly not the case. That mindset has quite a few consequences. For example, a virtual machine (VM) is a computer program that emulates a computer, on which other programs can be run. Although a VM mimics hardware, it ís software. And that makes it more vulnerable. For example, you can basically remotely, say via the Internet from another continent, remove a network card from the VM – try that with a physical computer.

Software=vulnerable

The example makes it clear that even the most sophisticated security with two-factor authorization can be bypassed in these cases. After all, it is and always will be software-based security. In practice, we see this very regularly at COMEX. Certainly software has defined security applications. But it is and remains software, and thus in a sense vulnerable.

Software WORM and airgap?

We are also hearing more and more about a “software-based WORM. Write Once Read Many happens and happened hardware-wise on a CD. You described that one once and then you couldn’t change it. But WORM provided by software always has a back door. Data in such WORM is thus not one hundred percent secure. So is the concept of airgap: a physical separation between data and infrastructure. Data is thus always safe from hackers. But an airgap created via software is less secure, despite claims by manufacturers that it is as secure as an actual physical airgap. It is a virtual airgap created by software that asks to connect. This bridges the airgap for hackers. So again, a virtual WORM or airgap is not a real WORM or airgap.

Want to know more?

Through Silent Bricks, we create a true hardware airgap: a physical separation between data and infrastructure. Want to know more? Please inquire about the possibilities!