What is offline secure storage?

Offline secure storage (OSS) is a data protection method where data is physically disconnected from the internet when not in use. Unlike cloud storage, data stored offline has zero remote attack surface — it cannot be hacked, ransomed or accessed remotely because it is not connected to any network. Firevault provides this through hardware-encrypted vaults that are physically isolated.

How does Firevault protect against ransomware?

Firevault protects against ransomware by physically disconnecting your data from the internet. Ransomware can only encrypt data it can reach over a network. When your data is stored offline in a Firevault, ransomware attacks cannot reach it. Even if your entire network is compromised, your offline vault remains untouched and intact.

How much does Firevault cost?

Firevault Vault starts from £75 per month (inc VAT) for individuals. Business Storage starts from £360 per month (inc VAT). Enterprise Platform pricing is available on request. All plans include hardware encryption, identity verification, and physical disconnection by default.

Who is Firevault designed for?

Firevault is designed for individuals protecting passports, wills and crypto keys; professionals such as solicitors, accountants and consultants protecting client data; SMEs and businesses protecting crown jewel data; and regulated industries including healthcare, financial services and legal sectors requiring offline backup for compliance with GDPR, NIS2, DORA and FCA regulations.

Is Firevault GDPR compliant?

Yes. Firevault is designed to support GDPR compliance by keeping sensitive personal data physically isolated and offline. Physical disconnection ensures data is not exposed to network-based attacks, supports data minimisation principles, and provides an audit trail of access. Firevault is also designed to support NIS2, DORA, FCA and SRA compliance requirements.

What is a physical air gap?

A physical air gap is a security measure where a computer or storage device is completely isolated from the internet and all unsecured networks. Unlike a logical or software air gap, a physical air gap cannot be bridged remotely. Firevault uses a Layer 1 physical air gap — your data is stored on hardware that is physically disconnected from any network when not in active use.

OSS, Compliance & Risk

Cyber Essentials with Offline Secure Storage

Cyber Essentials provides baseline security controls. Offline Secure Storage (OSS) goes further — removing your most sensitive data from the attack surface entirely.

View All Compliance

We Think This Is Hard to Ignore

The Co-op had Cyber Essentials certification when attackers exfiltrated 6.5 million members' personal data. Baseline controls protect the perimeter, but data inside the perimeter was still reachable. At Firevault, sensitive data is removed from the certified perimeter entirely, because protection beyond baseline starts with physical disconnection.

£14M

ICO fine to Capita — Cyber Essentials certified at time of breach

ICO, October 2025

£300M

Estimated cost of M&S ransomware despite baseline controls

Reuters, 2025

327

Public sector cyber incidents in 2024

NCSC Annual Review, 2025

6.5M

People affected in single Co-op breach

BBC News, 2025

The Gap

Cyber Essentials is a baseline, not a ceiling.

Baseline Controls

Cyber Essentials covers firewalls, patching, and access controls — but not physical protection.

Beyond the Perimeter

Even with Cyber Essentials Plus, connected data remains reachable by determined attackers.

Government Contracts

Many government contracts now require Cyber Essentials Plus as a minimum.

The Reality

Baseline certification does not prevent breaches.

Capita: £14M Fine Despite Holding Cyber Essentials Certification

Capita held baseline certifications at the time of its breach. The ICO still fined the company £14 million, demonstrating that Cyber Essentials without physical protection is insufficient for sensitive data.

ICO, October 2025

M&S: £300M Loss Despite Baseline Security Controls

Marks and Spencer had established security controls in place. Attackers bypassed them via a compromised third party and deployed DragonForce ransomware, shutting down online operations for months.

Reuters, 2025

Co-op: 6.5 Million Records Stolen Despite Security Measures

The Co-op had security measures in place but attackers still exfiltrated personal data of all 6.5 million members, demonstrating that connected data remains reachable regardless of baseline controls.

BBC News, 2025

How OSS Complements

Go beyond baseline with physical protection.

Offline Secure Storage (OSS) complements Cyber Essentials by removing the most sensitive data from the certified perimeter entirely.

Sensitive data removed from the attack surface entirely
Reduces scope of Cyber Essentials certification
Supports government contract requirements
Physical protection exceeds baseline controls

Take Sensitive Data Off the Certified Perimeter

Step 1 of 3

Sensitive data is taken off the certified perimeter and written to physically disconnected RAID 1 drives inside a Firevault Bunker. This reduces the scope of what Cyber Essentials must protect and removes the most sensitive assets entirely.

Featured In