Star Wars security – Protect your imperial intelligence

From opening scene of the original ‘Star Wars’, the 1977 classic showcases a number of security issues that are still prevalent today. Whether it’s R2-D2 storing the stolen Death Star plans, gaining unauthorised access into critical systems like garbage compactors, there are more than a few parallels that can be drawn.

To celebrate the release of ‘Star Wars: The Force Awakens’, we’ve rounded up a council of security experts to explain what Star Wars can teach us about cyber security.

Lock down your data - Luke Brown, VP and GM of EMEA, India and Latam at Digital Guardian

"A long time ago the only major threats to data security were Bothan Spies, however as the world has become more connected, data breaches have developed into a much more prominent danger. Whether you’re a Hutt with bank details to plunder, a movie set with IP to leak or just a small business selling second-hand droids, if your organisation holds private information, it has something to lose.

"Implementing clear and precise access control measures, so employees can’t access sensitive files without the proper permission, will help to ensure your battle station remains fully armed and operational."

Dealing with dispersion in your galactic network - Klaus Gheri, VP and GM of Network Security at Barracuda Networks

“In the Star Wars universe, networks would be more dispersed than we could possibly imagine, extending across the vast reaches of space. Back on Earth, businesses now often have multiple branch offices, subsidiaries and remote workers that need secure, business-quality access to network resources and the Internet. The extent of dispersion means that the Rebel and Empire fleets, much like businesses today, would have a hard time balancing their security and performance requirements.

"From a secret base on the planet Hoth or an X-Wing preparing for assault, to a busy professional using Cloud services on their smartphone, the need to access critical resources instantly means that IT managers are expected to provide both top-notch security and optimised delivery. Today’s network solutions must effectively support mission-critical applications across highly dispersed networks – a requirement that is as fundamental for running a business on Earth, as it is for a galactic rebellion.”

In the Galaxy of Things, these aren’t the droids you’re looking for - Simon Moffat, Solutions Director, ForgeRock

"In a galaxy far, far away Star Wars forces us to consider how to keep the Dark Side away. Time and again, the Empire’s lack of investment in identity management meant they faced attack; whether that’s Obi-Wan tricking his way past StormTroopers or the ease with which R2D2 hacked the Death Star, unauthorised access can result in unforeseen consequences. In this instance, it meant the difference between life and death for Luke Skywalker, Han Solo and Princess Leia. Whilst a lack of identity management was a good thing here for the Rebels, those who would embrace the Dark Side could cause much more damage.

"Such security issues are the logical outcome of pervasive connectivity: if everything is connected, everything is vulnerable. Still, many organisations have been caught by surprise, and even the Imperial Army proved it was susceptible to such attack.

"With this in mind, the Rebels could use this information to ensure their systems are protected. Shifting to an identity management system would tie all Rebels to an individual digital identity that allied forces can identify and interact with. This would then allow for the seamless deployment of secure services and information across the Rebellion, linking droids, ships and devices to a single security platform that is impenetrable to the likes of Darth Vader and the Sith."

When data is unprotected, in danger you are - Michael Hack, SVP of EMEA Operations, Ipswitch

"Imagine what would have happened to the Galaxy if it hadn’t been for Luke Skywalker acquiring R2D2 and intercepting Princess Leia’s message to Obi-Wan Kenobi. What if it had been a member of the Imperial Army or Darth Vader himself? Luke would never have become a Jedi and the fate of the Galaxy could have been entirely different. In this instance, the Rebels got lucky.

"What Princess Leia (and any organisation, not just the Rebels) should do is employ a secure, managed file transfer (MFT) system. Protecting data is a major concern and more and more business systems must exchange or synchronise data across the open Internet with remote locations. The immense number of data breaches throughout 2015 alone (not to mention R2’s little indiscretion) should act as cautionary tales that illustrate the consequences of flawed data protection policies, technologies and processes.

"Similarly, it’s always a good idea to have end-to-end encryption, meaning data isn’t merely encrypted on the network, but also while sitting on storage devices or planet-hopping droids. Both Princess Leia and R2D2 should have employed better encryption because, whilst the galaxy was saved and the Dark Side defeated, Luke Skywalker shouldn’t have been able to access that message."

Securing intergalactic WiFi - Perry Correll, Prinicipal Technologist, Xirrus

"If Darth Vader taught us anything, it’s that you need a strong defensive network to keep those pesky Rebels from blowing up your moon-sized superweapon. And while we don’t advocate creating an evil galactic empire, Xirrus’ EasyPass Personal can indeed provide your network with the security users want, while making it as easy as possible for your IT team to manage the system. Get ahead of the curve and help prepare your WiFi network for the growing number of mobile devices being adopted by consumers worldwide. A secure WiFi network can help save your organisation the embarrassment and mess of getting hacked, while also giving visitors the peace of mind and confidence they need to stay connected in your store, park or café.

Public WiFi is quickly becoming the norm and will only continue to grow in popularity as more cities and businesses look for new ways to connect with people. And don’t forget that younger generations have grown up in a world that always had computers. In just a few years, there will be a whole new generation of young adults who have never experienced life without smartphones! These users expect to have constant WiFi service, just like they expect to have access to water and electricity whenever they need these resources.

This is why powerful security is a must. Most people don’t think twice about logging onto the WiFi at a local coffee shop or hotel - hey, we don’t all have unlimited data plans.

Unfortunately, these locations can be prime hunting grounds for hackers. EasyPass Personal allows users to create a secure personal network through a simple, one-time process that will give them, and your IT team, peace of mind in knowing their data is safe."

Image credit: Lucasfilm / 20th century Fox