That would reintroduce a different attack surface, since a physical database is not encrypted and does not automatically log access. If you just want an airgap between you and the hackers, you don't need to go to paper for that.
Things like that have been kind of solved in the past, e.g. dual custody locks that require two keys to open or seals that get destroyed when a key is inserted. The Cold War era is so back, baby!
You're not going to use that kind of security for a government database you'll be accessing with great regularity. You might not even have time to shut the vault door before you need to open it again. Limiting access to a separate computer network within the tax office headquarters is already bad enough.
You can penetrate an air* gapped system locally, so it's much, much harder for outside attackers. Like, movie heist level of difficulty. If it can be penetrated remotely, then it's not actually air gapped. Which actually does happen when you have incompetent employees that connect air gapped devices to external networks.
Are there ways to penetrate even air gapped systems?
air-gapped means completely inaccessible unless you're there in front of it. a PC with no wifi chip and no ethernet cable plugged into it can be considered air-gapped. even so, secret agencies have literally concocted plots to gain access to people's air-gapped systems, Homeland Security for example had several people distracting the Silk Road drug lord at a public library where he'd brought his laptop before his arrest to make sure he was logged in and everything on it had been decrypted in memory.
That would reintroduce a different attack surface, since a physical database is not encrypted and does not automatically log access. If you just want an airgap between you and the hackers, you don't need to go to paper for that.
Things like that have been kind of solved in the past, e.g. dual custody locks that require two keys to open or seals that get destroyed when a key is inserted. The Cold War era is so back, baby!
You're not going to use that kind of security for a government database you'll be accessing with great regularity. You might not even have time to shut the vault door before you need to open it again. Limiting access to a separate computer network within the tax office headquarters is already bad enough.
You can penetrate an air* gapped system locally, so it's much, much harder for outside attackers. Like, movie heist level of difficulty. If it can be penetrated remotely, then it's not actually air gapped. Which actually does happen when you have incompetent employees that connect air gapped devices to external networks.
air-gapped means completely inaccessible unless you're there in front of it. a PC with no wifi chip and no ethernet cable plugged into it can be considered air-gapped. even so, secret agencies have literally concocted plots to gain access to people's air-gapped systems, Homeland Security for example had several people distracting the Silk Road drug lord at a public library where he'd brought his laptop before his arrest to make sure he was logged in and everything on it had been decrypted in memory.
Silkroad guy was an idiot tho. How does one even fall for that? And wtf was he still doing in the US anyway?
IIRC the US government actually burned a couple of their zero-day vulnerabilities in order to get at that guy.