Air-gapped, no-cloud virtual tours: when the cloud is not an option

An air-gapped virtual tour is a fully self-contained 360 photo tour that runs with no internet and no external cloud. It lives on your own network, or on media you control, and it plays in a browser without ever phoning home to a vendor's servers. The imagery is owned by you. Nothing about the tour depends on a subscription, a login to someone else's platform, or a connection leaving your building. For most buyers that is more isolation than they need. For a specific minority, it is the only acceptable way to receive a tour at all.

Hosted, self-hosted, and air-gapped: three ways to deliver the same tour

The same 360 photography can be delivered three ways, and the difference is entirely about where it lives and who controls it.

Hosted is the standard, and it is the right answer for the large majority of clients. We host the finished tour on managed infrastructure, you get a link, and it loads fast for anyone you share it with. It is simple, it is supported, and it is covered by our virtual tour hosting. Most municipalities, builders, facilities, and commercial sites should stop here.

Self-hosted moves the tour onto infrastructure you control. The files sit on your own server or your own content delivery setup, behind your own access rules, while still being reachable over a network. You own the asset and the address. This suits organizations with their own IT estate and a preference for keeping web assets in-house. We cover the trade-offs in self-hosted versus subscription virtual tours.

Air-gapped is the strict case: the tour is built to run with no outside connection of any kind. It can be deployed on an isolated internal network, on a secured workstation, or handed over on encrypted media, and it works fully offline. There is no cloud dependency to sever because there was never one to begin with.

The honest test is simple: does your security model allow this asset to touch the internet at all? If yes, hosted or self-hosted is right. If no, air-gapped is the only option that fits.

Who actually needs an air gap

Genuinely air-gapped delivery is a minority requirement, and it is worth saying so plainly rather than selling fear. The sites that need it tend to be defence and national-security facilities, operators of critical infrastructure such as Crown utilities, regulated bodies handling sensitive records, and security-sensitive industrial and energy sites where the network itself is treated as part of the risk. For these buyers, an outside connection is not a convenience to be weighed against cost. It is a line they are not permitted to cross.

Everyone else, which is to say most of the people reading this, is better served by a standard hosted tour. If your building is something you are happy to put on a public website, paying for offline isolation buys you nothing. Choosing air-gap when you do not need it adds friction and cost without adding value. The capability matters precisely because it is reserved for the cases that truly call for it.

The Canadian drivers, described honestly

When a Canadian buyer raises air-gap, it is usually because of a framework they operate under, not because of anything we certify. It is worth naming those frameworks accurately, as the buyer's context.

The Government of Canada's direction on electronic data residency sets out that data categorized at Protected B and above must be stored within the geographic boundaries of Canada, in approved facilities. For information at those levels, residency is not optional. Alongside that, ITSG-33, published by the Canadian Centre for Cyber Security, is the control framework Government of Canada departments use to manage IT security risk across Protected A, Protected B, and higher environments. A buyer working to that catalogue will have firm views on where a digital asset can live and how it can be accessed.

Provincial data-residency law adds another layer. British Columbia's Freedom of Information and Protection of Privacy Act and Nova Scotia's freedom-of-information regime both restrict public bodies from storing or disclosing personal information outside Canada, with assessment obligations attached. On top of all of this sits critical-infrastructure protection: Public Safety Canada's national strategy names sectors such as energy and utilities, water, transportation, and government, where operators treat connectivity itself as part of the threat surface.

Here is the honest part, and it is binding for us. We offer the delivery capability. We do not hold an ITSG-33 certification, a Protected A, B, or C authorization, a Facility Security Clearance, or a Document Safeguarding Capability, and we do not claim compliance with any of these standards. We are ISN (ISNetworld) registered, and we do not hold COR or SECOR. What we provide is a 360 photo tour engineered to run offline so that it fits inside your security model. The framework, the categorization, and the clearance are yours to hold and to apply.

How it works in practice

An air-gapped engagement is scoped around your security model from the first conversation, not bolted on at the end. We agree how capture will happen on a secure site, frequently under NDA, including how devices are handled, what leaves the premises, and who reviews the imagery. The tour is then built as a self-contained package: spherical photos, navigation, and hotspots that load locally with no external calls.

Delivery follows whatever your environment allows. That might mean deploying onto an isolated internal network, installing on a controlled workstation, or providing the tour on encrypted media for your team to place inside the gap. Either way, the finished asset is yours to own and to keep, with no subscription that can switch it off. This stands in contrast to cloud-only 3D platforms, which keep your facility on the vendor's servers behind a recurring fee, with single-tenancy and offline use off the table for the category. We unpack that comparison in 360 photo versus 3D scanning.

Because this work is bespoke and security-led, it is not priced from the standard commercial floor. Our industrial pilots start at $500,000, and air-gapped delivery is scoped to the specific security model in front of us rather than quoted from a list. You can see the dedicated picture on our air-gapped delivery page.

The short version

• Choose hosted if your tour can live on a website. That is most buyers, and it is the simplest, best-supported path.
• Choose self-hosted if you want the asset on infrastructure you control while keeping it reachable over a network.
• Choose air-gapped only when your security model forbids any outside connection, which is defence, critical infrastructure, regulated bodies, and security-sensitive industrial and energy sites.