Even the Dark Lord of the Sith can teach you a valuable thing or two about data security.
Over the last three decades, Star Wars has maintained an Empire of geek-pop-culture dominance. While George Lucas’ creation is an epic piece of science-fiction, many have found the mythology of the popular works as a source of inspiration for everyday life. In the case of Kellman Meghu, head of Security Engineering for Check Point Technologies, Star Wars is a case study in data security.
What really sank (or, to be more exact, detonated) the Death Star wasn’t the usual suspects of Rebel scum, Storm Trooper incompetence, or even the Dark Side’s unavoidable loss to the good guys. Instead, explained Meghu, it was a series of common data security blunders made by the Sith Lord himself that doomed the ultimate battle station. Take these data security tips to heart, young Padawan, to ensure a long, illustrious reign over your information.
1) It’s better to be proactive, than to be reactive.
The first step towards data security is knowledge: knowledge of what private information you wish to protect, and understanding of where that information is exposed. The second step is to arm yourself for the worst, just in case. The Galactic Empire’s monitoring of security threats was on point — The Sith Lord knew exactly what was taken and by whom within moments. But what good does it do the Empire to know that two Droids have taken private data if there’s nothing in place to prevent them from hiding in the Tatooine deserts? Stopping data from ever leaving the premises is 1000000000000x easier than trying to track it down and get it back once it’s out.
2) Proprietary information should be difficult to access. Period.
Let’s begin with the fact that R2-D2 (who, for this argument, is the most suped-up external hard drive I ever did see) is able to connect to any ol’ terminal, scan, and download the plans to the Death Star without so much as a password. I get it, easy-access for all Galactic Empire personnel who need it is a really convenient thing. But that open availability made it too easy to fall into the wrong hands. Similarly, classified information of any kind shouldn’t be exchanged through social media, in an email, or even through the cloud. If you have information that’s near and dear to you, it should be tucked away safely, disconnected from the network, with a limited number of access points.
3) Don’t put all your eggs into one basket.
By definition, a single point of failure is the one fatal flaw that can cause your undoing. The Galactic Empire made a big bet on the Death Star platform, and while it was an effective of weapon of fear, the moment it blew up was the moment that the Empire crumbled. Now whether the Death Star itself was the single point of failure or if it were those pesky thermal exhaust ports is entirely up to you, but once the Death Star went kaput, the whole operation went with it. The lesson here is that to ensure that your personal data’s longevity, a redundant, widely-accessible backup system needs to be put in place. Whether its an automated backup system to a private network, or an analog approach to password-keeping, a backup system can save anything from your life’s work to life’s precious moments.
4) Two-factor authentication is annoying, but necessary
As this blogger so eloquently noted, “the capture of the Millennium Falcon aboard an Empire vessel should have marked a turning point, but because the Empire used only a weak, single-factor authentication system (Do they look like a Storm Trooper? Access Granted.), the band of rebels were able to not only escape but gain command of the entire Empire’s data network.”
Two-step, or two-factor, authentication is merely a process of confirming access to information through two separate verification. While it is traditional in nature, the security precaution is popping up nearly everywhere it seems, from email providers and phone carriers to social media logins and online bill pay. Yes — setting it up can be a pain, but it doesn’t even compare to the pain that identity theft poses.
5) Encrypt everything like the fate of the galaxy depends on it.
Sorry Ani, but at the end of the day, had your secret plans for the Death Star been encrypted, it wouldn’t matter that R2-D2 got his retractable little hands, erm…arms on them because he wouldn’t be able to decipher their contents. While the Empire gets points for physical security, they paid the price for not defending their data properly with a scambler or a VPN. (See also: Sign-up for our XL Powerpack and score a free VPN)
There is a valuable lesson to be learned from Star Wars: No matter if you’re working to create and maintain a ruthless Empire, or if you just want to ease your mind in the Digital Renaissance, you can greatly benefit from better data security