Air-gapped networks and zero trust: are your controls enough?


(@nhi-mgmt-group)

TL;DR: Air-gapped networks still face insider threats, infected removable media, and supply chain compromise, and Pomerium argues that zero trust adds per-request authorization, identity-aware access, and continuous validation inside the perimeter. The core assumption that “inside the network equals trusted” breaks once identities, devices, and workflows can be abused from within.

NHIMG editorial — based on content published by Pomerium: Complete Guide to Zero Trust for Air-Gapped Networks

By the numbers:

Questions worth separating out

Q: How should security teams implement zero trust in air-gapped environments?

A: They should treat identity verification and per-request authorization as local controls, not cloud services.

Q: Why do air-gapped networks still get breached?

A: Because isolation blocks remote access, not insider misuse, infected removable media, or compromised hardware that arrives already trusted.

Q: What breaks when organisations rely on shared passwords in air-gapped systems?

A: Shared passwords destroy accountability and create permanent access that survives role changes, device changes, and personnel departures.

Practitioner guidance

  • Eliminate static credentials inside isolated environments: Replace long-lived passwords, shared accounts, and manually managed secrets with short-lived, locally verifiable identities that can be revoked inside the air gap.
  • Enforce per-request authorization for every privileged action: Require the policy engine to evaluate each request separately so a single successful login does not become blanket access across the entire session.
  • Instrument local monitoring and audit logging: Capture who accessed what, when, from which workstation, and under which policy so investigations and compliance reviews remain possible without external telemetry.

What's in the full article

Pomerium's full blog post covers the operational detail this post intentionally leaves for the source:

  • Step-by-step guidance for implementing self-hosted access controls inside disconnected environments
  • The five-step zero trust deployment sequence for isolated networks
  • Practical examples of offline authentication, authorization, and logging patterns
  • Source-specific architecture notes on how the control plane operates without external dependencies

👉 Read Pomerium's guide to zero trust for air-gapped networks →
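
The three practitioner guidance points above (short-lived revocable credentials, per-request authorization, local audit logging) can be sketched together as one offline check. This is an added example, not code from the original post or from Pomerium; the HMAC-signed token is a stand-in for whatever locally verifiable credential is deployed, and the key, roles, actions and workstation names are constructed.

```python
import base64, hashlib, hmac, json, secrets, time

SIGNING_KEY = b"constructed-demo-key"  # assumption: held by an issuer inside the air gap
REVOKED = set()                        # local revocation list of token ids (jti)
POLICY = {("engineer", "read:plc-config"), ("engineer", "write:plc-config"),
          ("operator", "read:plc-config")}  # constructed (role, action) allow-list
AUDIT_LOG = []                         # stand-in for a local append-only audit store

def _sign(body: bytes) -> str:
    return hmac.new(SIGNING_KEY, body, hashlib.sha256).hexdigest()

def issue(subject, role, workstation, ttl=300, now=None):
    """Mint a short-lived credential bound to one workstation; returns (token, jti)."""
    now = time.time() if now is None else now
    claims = {"sub": subject, "role": role, "ws": workstation,
              "exp": now + ttl, "jti": secrets.token_hex(8)}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode())
    return f"{body.decode()}.{_sign(body)}", claims["jti"]

def authorize(token, action, workstation, now=None):
    """Evaluate ONE request; every decision, allow or deny, is audited."""
    now = time.time() if now is None else now
    body, _, sig = token.partition(".")
    claims, reason = {}, "bad-signature"
    # Verify the signature before parsing anything the caller supplied.
    if hmac.compare_digest(sig.encode(), _sign(body.encode()).encode()):
        claims = json.loads(base64.urlsafe_b64decode(body))
        if claims["exp"] <= now:
            reason = "expired"
        elif claims["jti"] in REVOKED:
            reason = "revoked"
        elif claims["ws"] != workstation:
            reason = "workstation-mismatch"
        elif (claims["role"], action) not in POLICY:
            reason = "no-policy-match"
        else:
            reason = "allow"
    AUDIT_LOG.append({"who": claims.get("sub"), "action": action, "when": now,
                      "workstation": workstation, "reason": reason})
    return reason == "allow"

if __name__ == "__main__":
    tok, jti = issue("alice", "engineer", "ws-07")
    print(authorize(tok, "write:plc-config", "ws-07"))  # evaluated per request
    REVOKED.add(jti)                                    # revoke inside the air gap
    print(authorize(tok, "write:plc-config", "ws-07"))  # same token, re-evaluated
    print(json.dumps(AUDIT_LOG, indent=2))
```

Because `authorize` re-checks expiry, revocation, workstation and policy on every call, a credential that passed once gets no standing session, and the audit log records denials as well as grants.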
