What is offline secure storage?

Offline secure storage (OSS) is a data protection method where data is physically disconnected from the internet when not in use. Unlike cloud storage, data stored offline has zero remote attack surface — it cannot be hacked, ransomed or accessed remotely because it is not connected to any network. Firevault provides this through hardware-encrypted vaults that are physically isolated.

How does Firevault protect against ransomware?

Firevault protects against ransomware by physically disconnecting your data from the internet. Ransomware can only encrypt data it can reach over a network. When your data is stored offline in a Firevault, ransomware attacks cannot reach it. Even if your entire network is compromised, your offline vault remains untouched and intact.

How much does Firevault cost?

Firevault Vault starts from £75 per month (inc VAT) for individuals. Business Storage starts from £360 per month (inc VAT). Enterprise Platform pricing is available on request. All plans include hardware encryption, identity verification, and physical disconnection by default.

Who is Firevault designed for?

Firevault is designed for individuals protecting passports, wills and crypto keys; professionals such as solicitors, accountants and consultants protecting client data; SMEs and businesses protecting crown jewel data; and regulated industries including healthcare, financial services and legal sectors requiring offline backup for compliance with GDPR, NIS2, DORA and FCA regulations.

Is Firevault GDPR compliant?

Yes. Firevault is designed to support GDPR compliance by keeping sensitive personal data physically isolated and offline. Physical disconnection ensures data is not exposed to network-based attacks, supports data minimisation principles, and provides an audit trail of access. Firevault is also designed to support NIS2, DORA, FCA and SRA compliance requirements.

What is a physical air gap?

A physical air gap is a security measure where a computer or storage device is completely isolated from the internet and all unsecured networks. Unlike a logical or software air gap, a physical air gap cannot be bridged remotely. Firevault uses a Layer 1 physical air gap — your data is stored on hardware that is physically disconnected from any network when not in active use.

Back to Knowledge Vault

News28 May 20253 min read

Two NHS Trusts Targeted via Ivanti Vulnerability

Two major NHS trusts— University College London Hospitals NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust —have been exposed in a…

Mark Fermor

Director & Co-Founder, Firevault

A hospital building exterior at blue hour with emergency lighting and visible infrastructure

Two major NHS trusts—University College London Hospitals NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust—have been exposed in a newly identified cyberattack, after threat actors exploited a vulnerability in a widely used device management platform.

The breach, linked to Ivanti Endpoint Manager Mobile (EPMM), enabled attackers to gain unauthorised access to internal systems. Security analysts confirm that this was not a ransomware event, but a stealth intrusion designed to extract sensitive information without triggering standard alarms.

The software in question is commonly deployed across enterprise and public sector environments to manage and secure employee mobile devices. In this instance, attackers exploited a known flaw to infiltrate network environments and access data silently.

Cybersecurity experts warn that the incident could result in the exposure of highly sensitive patient records and operational data.

“This represents a clear example of the growing threat posed by software-based vulnerabilities, especially in systems that underpin large, distributed networks such as those used in healthcare,” one analyst stated. “The data wasn’t locked—it was taken, quietly.”

The breach forms part of a broader campaign affecting organisations in the UK, Europe, the US, and Asia, with victims spanning healthcare, government, and commercial sectors.

A Wake-Up Call for Healthcare Security

The attack highlights a shift in tactics from disruptive ransomware to clandestine data harvesting, where the goal is no longer to shut down systems but to extract valuable information unnoticed.

With investigations ongoing, NHS security teams and national cybersecurity authorities are assessing the scope of the breach and issuing guidance to mitigate further exposure.

There is currently no confirmation of the volume or type of data accessed, and both trusts have yet to issue formal public statements.

Exploring Offline Alternatives

As cyber threats grow increasingly sophisticated, some organisations are beginning to reconsider the default assumption that all data must remain connected. Solutions such as Firevault a fully offline digital vault are gaining attention for offering a fundamentally different approach: disconnecting critical files from the internet entirely.

By physically isolating sensitive digital assets, Firevault aims to render data invisible and inaccessible to remote attackers, regardless of how advanced their intrusion methods may be. In a climate where exploits can sit undetected for months, offline storage is becoming part of a wider conversation around resilience and patient data protection.

This latest breach reinforces the urgency for healthcare providers to not only patch software and strengthen monitoring, but also rethink their exposure surface and ask what truly needs to stay online.

About the author