“We Don’t Connect to the Internet” – The Illusion of Isolation

Tuesday, September 2nd, 2025

A common claim we still hear is, “We don’t connect to the internet, so we’re secure.” While physical isolation, or “air-gapping,” might reduce certain risks, it does not eliminate vulnerabilities — and in many cases, it leads to a false sense of security that undermines overall resilience. 
 
Even without direct internet access, industrial systems remain exposed to cyber threats. Engineers and contractors routinely connect programming laptops, sometimes unknowingly infected, directly into critical systems. Removable media, often used to extract reports or transfer updates, can introduce malware. Misconfigured or outdated firewalls between IT and OT environments can allow unintentional access. Even when connections are removed, they are often replaced with informal workarounds, undocumented data transfers, and poorly managed or unsecured remote access methods. 
 
During a recent site visit, we were informed that the network had no internet connectivity due to security reasons. However, when speaking with the engineering team, it became clear they had arranged for a 4G router to be installed in the control panel to get around the restriction, without informing IT or management. From their perspective, remote access and vendor support were essential, but the result was an unmanaged, undocumented internet connection within a critical control environment. This kind of workaround is far more common than many realise. 
 
The truth is, in modern industrial environments, complete isolation is rarely practical — and when it is attempted, it often comes at the cost of visibility, maintainability, and security. Properly configured and monitored secure connections are often safer than hidden, unmanaged ones. 
 
At Fairfields, we help clients move beyond the myth of isolation. We implement structured, IEC 62443-compliant solutions that allow safe remote access, controlled data exchange, and clearly defined network boundaries. By doing so, we support productivity while maintaining control and traceability — because true cybersecurity is not about disconnection, it’s about secure, manageable connectivity. 

We use cookies on this website, by continuing to use it we assume consent. Read our cookies policy.  Okay

This secure form is hosted on Microsoft Forms. Please fill out your contact request below: