MERIT Solutions Blog

MERIT Solutions has been serving the Chesapeake area since 1982, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Sorry Han, When it Comes to Security, You Need to Know the Odds

Sorry Han, When it Comes to Security, You Need to Know the Odds

Star Wars is a cultural phenomenon. For the past 40+ years audiences from all around the world have become enthralled with the characters, the story, and the technology that existed a long time ago in a galaxy far, far away. Who knew that it was also a wonderful lesson in modern IT security?For today’s blog, we look at three situations that happened in Star Wars: A New Hope; and, how, if proper IT strategies were put in place, the Empire would have been able to protect its greatest asset.

A Little Background
For those of you who have spent your lives living on Dagoba and haven’t seen the original Star Wars movie, subsequently titled, A New Hope, the story follows a young pilot named Luke Skywalker, whose guardians are murdered by soldiers of the Imperial Army, who were looking for two droids Luke’s Uncle Owen purchased. With the help of an old hermit, Obi Wan “Old Ben” Kenobi, Luke sets out to join the rebellion led by Luke’s sister Leia (although they don’t know they are related).

The Empire has developed a new type of battlestation called the Death Star, which is a moon-sized behemoth equipped with a Superlaser, which was soon used to obliterate first Jedha City (Rogue One) and eventually, Leia’s (adopted) home planet of Alderaan. Knowing that having a weapon with that kind of destructive power would be the end of the rebellion that was underway by a pro-democratic coalition called the Alliance to Restore the Republic (or Rebel Alliance). The plot of A New Hope centers around the rebellion attempt to neutralize the Imperial’s Death Star.

Security
A team consisting of former smuggler Han Solo, the Wookie Chewbacca, serial-whiner Luke Skywalker, Jedi Obi Wan Kenobi, and two droids C-3PO and R2-D2 set out to save Princess Leia Organa from a cell on the Death Star. Today, we’ll take a look at how the Empire's security procedures made it possible for the rebellion to get Leia out of there, while simultaneously destroying the battlestation and throwing the Empire into chaos.

Unprotected Endpoints
Star Wars - Obi Wan Kenobi was a wanted man by the Empire after he defeated Anakin in a duel on Mustafar (Revenge of the Sith), so even though it was decades later, he would have to be careful. When he’s stopped by Imperial Stormtroopers, he was able to use the Jedi Mind Trick to spoof their thoughts and get past the checkpoint.
Real World - Having a thoroughly controlled authentication protocol is an important part of keeping your data and infrastructure secure. Passwords, biometrics, and other forms of authentication have to both work for the users, while also being complex enough to keep unwanted parties out.

A Complete Lack of Segmentation and Lack of System Encryption
Star Wars - Once the team gets to the Death Star, they gain access to a control room where the droids begin to access the Death Star’s system. As soon as he’s hooked up, R2-D2 has complete access to the whole entire network without any form of authentication or protection.
Real World - Having some segmentation to your network allows you to pick and choose who can access certain information and who can’t. No matter who can access information, your network data needs to be encrypted to ensure that just anyone can’t access all the sensitive information on it.

Ignoring CISO at Great Peril
Star Wars - The Admiralty of the Imperial Army did not want to hear that there was a possibility that the rebels had found, and could execute sabotage, on a vulnerability. So much so that Grand Moff Tarkin scoffed when he was approached about the potential vulnerability to the battle station. Nothing was done with that information and it resulted in the first Imperial Death Star being destroyed, and the death of all Imperial staff onboard.
Real World - It is very, very risky to ignore the vulnerabilities in your network, as the more open your network is to outsiders, the larger you risk being infiltrated. Keeping your network and infrastructure up to date with the latest patches and security protections is a must to keep your organization from being put in precarious positions, or from being destroyed outright.

No matter what you think about your organization’s network security, you can learn a lot from the negligent manner the Empire went about securing their important assets. If you are looking for some help with your organization's security, whether it be physical or virtual, call MERIT Solutions’s professional security technicians today at (757) 420-5150. May the fourth be with you!

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, 21 May 2018

Captcha Image

Tag Cloud

Security Tip of the Week Best Practices Technology Cloud Privacy Business Computing Network Security Hackers Malware Internet Software Hosted Solutions Business Management Backup google Productivity Managed IT Services Mobile Devices VoIP Microsoft Disaster Recovery Computer Business Continuity Outsourced IT communications Business IT Support Windows 10 Cybersecurity Email User Tips Hardware Innovation Productivity IT Services Cybercrime Data Backup Efficiency Saving Money Mobile Device Management Windows Mobility Small Business Managed IT Apps Server Ransomware Operating System Law Enforcement Internet of Things browser Data Recovery Data Smartphone Save Money Telephone Systems Android Tech Term Virtualization Cloud Computing Data Security Smartphones Passwords Hosted Solution Quick Tips BDR Phishing Money Information Technology VPN Recovery Password Microsoft Office Holiday Office 365 BYOD Automation Chrome Communication Data Breach Best Practice Social Media Risk Management Unsupported Software Facebook Government Budget Data Management Work/Life Balance Network Update Cost Management Collaboration Gadgets Wi-Fi IT Support Google Drive Hacking Avoiding Downtime upgrade Alert Social Vulnerability Health Miscellaneous Two-factor Authentication Managed Service Provider Computers Wireless App Proactive IT User Error The Internet of Things Identity Theft Employer-Employee Relationship Flexibility Shortcut Data Protection Firewall Workplace Tips Application Antivirus Current Events Wireless Technology Audit Social Engineering Windows 10 Personal Information Telephony Streaming Media Politics Spam search Applications Private Cloud Office tips Managed IT Services Cleaning History USB Save Time Phone System OneNote Computer Care Legal Users Encryption Humor Data Loss Disaster Blockchain Marketing Artificial Intelligence Big Data Google Docs Gmail Mobile Security Sports Devices Tech Support IT solutions SaaS DDoS Hacker Redundancy Internet Exlporer Samsung Solid State Drive Content Filtering Commerce Fraud Battery HaaS Television Cortana Patch Management Compliance iPhone Apple Mobile Computing Automobile Transportation WiFi Value Project Management Excel Going Green Wireless Charging Robot Bandwidth Saving Time Data Storage eWaste Office End of Support Remote Computing Laptop Google Maps Video Games Uninterrupted Power Supply Content Filter intranet Running Cable Server 2008 Specifications Virtual Reality Screen Mirroring Sync Computing Dark Web Ali Rowghani Scam Networking Music Touchpad Software as a Service Monitoring Meetings Trending IT budget Emails Reputation Sales Cast Adobe Analysis Employer Employee Relationship Advertising Workers Analytics Management Settings Maintenance server installation dvd "cannot install required files" Keyboard Retail Instant Messaging Data storage Licensing App store WannaCry stock Computer Accessories Updates Worker Commute Financial Technology Device Security Mobile Device Identities Webinar Administration Conferencing Managing Stress Chromecast HBO Mobile tweet Microsoft Word Books Microsoft Excel Scalability Printing IoT IT solutions calculator Hiring/Firing Colocation Gifts Education Professional Services Router Identity Twitter Vendor Management Hard Drives control File Sharing How To Files Google Assistant Spyware Lithium-ion battery Language Windows 10s Benefits Administrator IT Management Travel Data Privacy Nanotechnology WSJ Unified Threat Management Exchange Storage Computer Forensics Hard Disk Drive Distributed Denial of Service altivista Relocation Credit Cards Access WIndows Server 2008 Entertainment Tablets Hard Drive Root Cause Analysis Training Upgrades SBS Electronic Medical Records Edge Virus compaq FAQ Point of Sale HIPAA NFL Chromebook Augmented Reality Company Culture PDF Touchscreen Wearable Technology Consultant Safety Lifestyle Black Market Business Intelligence Ciminal Outlook Proactive hp Smart Technology Charger Word Avoid Downtime Smart Tech Text Messaging domain Legislation Shadow IT Managed IT Service Websites iOS Document Management Experience Windows Ink Connectivity MSP remote Comparison Regulation Data Theft Computer Fan Yahoo Evernote Worker Thank You Cache Monitors Congratulations Remote Monitoring Emergency CrashOverride

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

Anna Jackson 5 SEO Tools To Get a Google-Eye View of Your Website
15 September 2017
Hello Randall! I was doing very important work but due to your subject I felt better to stay at you...
David Miller Not all project-management tools are right for all businesses
25 August 2017
All the points depicted by you in this blog is v.apt. I love the title of this blog because it says ...