What Star Wars teaches us about the importance of infosec
How confident are you in your business’s information security and data protection measures? This is not a question to be taken lightly – with businesses becoming less reliant on the office, access to data is more widespread and more vulnerable. And it only takes a small weakness to turn into a potential threat with serious consequences to your operation.
To highlight the importance of having up-to-date, comprehensive infosec strategies in place, let’s take a look at one of the most famous failures in data security. One which occurred a long time ago, in a galaxy far, far away…
Case study: Galactic Empire
Project: Death Star
An armoured space station with enough power to destroy an entire planet, the Death Star was supposed to be the Empire’s crowning glory, creating enough fear to keep the regional governors of the former Old Republic in line and ensuring that no star system would dare oppose the Empire.
But like many large developments the project’s data became a target for cybercriminals, resulting in the early leaking of plans before the station was fully operational. This leak would become fatal, not just from a PR standpoint, but literally as the information would be used by those who opposed the project to find a fault with its construction and, well, blow it up.
There was no recovery for the business (empire) from there – despite multiple attempts to restart the project it was never completed and the business (empire) was ultimately shut down. Some blamed poor management, some blamed the workplace culture (the lack of faith shown by some of the staff was described as “disturbing”), but ultimately a failure to keep important data secure was the ultimate undoing of the Empire.
How Zeus could have helped
Zeus Technology Solutions could have worked with the Empire’s project leaders to locate and eliminate weaknesses and threats before they became an issue.
An on-site gap analysis would have helped locate the source of any weak points which we could have delivered as a comprehensive report to the project leaders, Mr Vader and Mr Tarkin.
From an initial analysis of the events that occurred during that particular Star War, these are some of the solutions we would have implemented immediately:
End-to-end encryption
The act of applying encryption to messages and data so that only the device to which it is sent could decrypt and read would have been particularly useful to the Empire. This is a key feature of communications software such as WhatsApp or Zoom, neither of which were being used by the Empire, since vital data was easily transferred across multiple devices including the droid R2D2 and whatever OS the rebels were using in the Yavin 4 base.
Cloud data storage
According to Norton security: “Information stored in the cloud is likely to be more secure than are files, images and videos stored on your own devices.”
Cloud storage is more common than ever thanks to the recent increase in remote working and the need to access data from away from the office. But it also has security benefits due to the increased measures taken by cloud service companies including large scale encrypted servers that few workers have access to.
But, as depicted in the 2016 documentary Rogue One: A Star Wars Story, the Empire remains reliant on their own servers which quickly presented a security threat. Rebel cybercriminals knew exactly where the data was archived and were actually able to walk away with the physical storage device it was kept on.
Not only was this a security disaster, but the archives themselves were later totally destroyed, meaning all that information was lost. Having all your information in one place? Not a good idea.
Passwords and authentication
Couldn’t be more basic. Password protect your files to prevent others from accessing your data. This has been the golden rule since the early days of computers but it’s still something the Empire failed to implement in their workplace.
So the rebels had broken into the archives, stolen a storage device, copied the data on to their own drive. All problematic but not disastrous if the files had simply been password protected, preferably with a two-factor or biometric authentication requiring Darth Vader to confirm access from his mobile phone (which we assume is built into his helmet).
Resolve past errors
This is less of a security tip and more just sensible advice. Because if you’ve been the victim of a cyberattack and you’re able to bounce back from it and restart your project, you should learn from your mistakes and ensure that this doesn’t happen twice!!
Because that’s what the Empire did when plans for the second Death Star were once again stolen by rebels (albeit costing them the lives of many Bothans).
Contact Zeus
Whether you have a galaxy-spanning Empire or a legal business, you can benefit from information security solutions. Zeus Technology Solutions can work with you to integrate the latest infosec strategies into your operation and secure your data from cyberattacks and rebel scum.
Contact Zeus Technology Solutions today to find out more.