Two magic words that explain nothing—so let’s start with a simple thought experiment.
Just imagine you are in a small boat on a river. If you stop paddling, where will it float? Obviously, it will follow the stream downhill, and in one direction only. Can we agree on that?
Now imagine you arrive at a lake created by a dam. The boat stops, but the water keeps flowing. The stopping of the boat represents that only the wanted data will leave the OT (Operational Technology) environment. That equals to protocols—or in other words, the languages systems use to communicate.
You must deliberately instruct the OT computer what data to subscribe to. In our experiment, that data is represented by water.
And the water allowed to flow downhill through the turbines represents the diode principle: it can flow in one way only.
The turbines generating electricity represent the data on the IT side. In other words, useful and only allowed information being presented in IT (Information Technology). But from below the dam, nobody knows what is behind it—because you cannot go back against the stream.
Of course, you can argue that someone could fly a drone over, or bribe a boat operator to see what’s behind the dam. But for that, we have other protective measures—those are outside this thought experiment.
So—is it clear now what a data diode is about? Book a meeting with me is you want to know more.
Data diode is a network device which connects two computer and allows communication in one way only.
