A method of protecting confidentiality of air-gapped logs comprises: generating, during a first log processing cycle, a data processor key and a drive encryption key, wherein the data processor key and the drive encryption key are unique to a log drive mounted to at least one computer processor; wrapping the drive encryption key with the computer processor key; storing the drive encryption key wrapped by the computer processor key in a database, where the database is mapped to data uniquely identifying the log drive; wrapping the drive encryption key with a default key that is known to at least one originator device; wiping the log drive; and writing the drive encryption key wrapped by the default key to the log drive. Some methods described also include a method of processing logs by an originator. Systems and computer program products are also provided.