There is a Valuable IT Security Lesson in Star Wars

Star Wars is a cultural sensation. For the past 40+ years audiences from all around the globe have become captivated with the story that took place in a galaxy far, far away. However, Star Wars was also a wonderful lesson in modern IT security! Let's examine three situations that happened in Star Wars: A New Hope and, how, if proper IT strategies were implemented, the Empire would have been able to keep its greatest asset protected.

Some Context
For anyone who has been living with their head in the sand and somehow hasn't seen the original Star Wars movie, A New Hope, the story tracks a young pilot named Luke Skywalker. Luke's guardians are killed by soldiers of the Imperial Army, who were looking for two droids his Uncle Owen purchased. With the help of an old Jedi hermit, Obi Wan “Old Ben” Kenobi, Luke sets out to join the rebellion led by his sister Leia (although they don’t know they are related yet).

The Empire has built a new type of battlestation called the Death Star, which is a behemoth as big as the moon and equipped with a Super Laser, which was utilized to obliterate first Jedha City (Rogue One) and eventually, Leia’s (adopted) home planet of Alderaan. The plot of A New Hope centers around the rebellion's efforts to neutralize the Death Star.
A team including smuggler Han Solo, the Wookie Chewbacca, Luke , Jedi Obi Wan, and two droids C-3PO and R2-D2 set out to save Princess Leia, who was held capitve on the Death Star. Let's examine how the Empire's security procedures made it possible for the rebellion to rescue Leia while simultaneously destroying the Death Star.

Unsecured Endpoints
Star Wars - Obi Wan Kenobi was a wanted man by the Empire; he had to be very careful. When he’s stopped by Imperial Stormtroopers, he was able to utilize the Jedi Mind Trick to control their thoughts and get past the checkpoint.
Real World - Having a thoroughly controlled authentication protocol is an imperative aspect of keeping your data and infrastructure protected. Passwords, biometrics, and other forms of authentication have to both work for the users, while also being complex enough to keep unauthorized users (like Obi Wan in the above example) out.

A Complete Lack of Segmentation and System Encryption
Star Wars - Once the heroes arrive on the Death Star, they obtain access to a control room where the droids begin to access the Death Star’s system. When he’s hooked up, R2-D2 has total access to the entire network without any form of authentication or protection.
Real World - Having some segmentation to your network permits you to choose who can obtain specific information and who can’t. Your network data has to be encrypted to ensure that just anyone can’t access all the sensitive information on it.

Ignoring CISO at Great Risk
Star Wars - Grand Moff Tarkin scoffed when he was told about the potential vulnerability to the Death Star. Nothing was done with that information and it resulted in the first Imperial Death Star being obliterated, along with all Imperial staff onboard.
Real World - It is very, very dangerous to ignore the vulnerabilities in your network, as the more open your network is to outsiders, the larger you risk being infiltrated. Keeping your network and infrastructure up to date with the latest patches and security protections is critical to keeping your business from being put in hazardous positions, or from being destroyed outright like the Death Star.

Regardless of what you think about your organization’s network security, you can learn much from the negligent style the Empire went about securing their important assets. If you are looking for some help with your organization's security, whether it be physical or virtual, call Macro System’s professional security technicians today at 703-359-9211. May the fourth be with you!