Blockchain is developing as one of the hottest cybersecurity and information-sharing solutions right now, encouraging organisations to take their security more seriously. In fact, while the word ‘security’ has previously been used by companies as an excuse to avoid specific details, blockchain has piqued the interest of many consumers, with many keen to understand what the technology is and how it can impact how their data is managed.
The core idea of blockchain and its decentralised and distributed nature is a great concept, especially in sectors where there is an open network of millions of transactions like the popular cryptocurrency Bitcoin. However, there are still many important issues that need to be considered before overcommitting to this technology.
Although initially implemented as a core component of Bitcoin to store and send cryptocurrency, blockchain technology has continued to develop and people are starting to use it as a means to enhance their cybersecurity. In basic terms, blockchain enables a single version of transactional truth: an unchangeable, universally visible ledger that creates its own audit trail, decreasing the possibility of backdoor transactions that most digital transactions face. As such, the information stored in blockchain is secured through a complicated cryptography, and in theory it should be impossible to break or modify the data. However, recent research estimated that bitcoin exchanges may have been involved in up to 60 high-profile hacking incidents since the digital asset class was created in 2009, with the most recent breach involving the loss of 119,756 coins worth $70m.
With this in mind, it might be too soon to applaud blockchain as the end to all security woes. While blockchain is a distributed database, or put another way, a ledger, it is a great tool to help prevent data leaks from data in transit. However, it does not secure the end databases, as it cannot protect data at rest, while it sits in a data center. As can be seen with the number of thefts of Bitcoins from the Bitcoin exchanges, this is where blockchain adoptees need to be diligent.
Another major issue that blockchain faces is in its private key and wallet software system. Private key acts as a form of signature that users must use to send out a transaction. This means that anyone with a possession of a private key can complete a transaction. In theory, anyone who knows your private key can steal from you. You can of course choose not to share your private key information with anyone, but obviously, in the case of death, that information then dies with the user and all the bitcoin will be lost.
Another option is to to store your private key in an encrypted software wallet file. Any hackers wanting to access your files would need to decrypt it. However, wallet backups can potentially leak private information. Although encryption can reduce the risk, it has been proven it cannot be eliminated altogether.
Users put a lot of trust into the fact that these digital currency exchanges based on blockchain have the right security protocols in place, yet time and time again they have been shown that they are breachable and your money could easily be stolen
Lack of regulations
What’s more is that there are no regulations or reimbursement structures in place yet, so when blockchain and cryptocurrencies experience security issues, the question of ownership comes to the forefront. In fact, there is still a lot that remains unsettled when it comes to regulation statuses, and there are no current rules around offering insurance on digital currencies.
Blockchain allows autonomous transactions, which enables freedom in transactions, but on the other hand, if an organisation does something illegal, who is to blame? When transferring a large amount of cash from point A to point B, would you not want to have some sort of regulation or recovery policy to back you up? More importantly, knowing the identity of your customers is vital when transferring large amounts of money. Responsibility will need to be a core piece of the puzzle worked out before companies should start integrating blockchain as a foundation for their transaction strategies.
The way blockchain based-transactions are set up now, no one will step in to help, and that is too great a risk for the public.
As such, individuals and organisations should employ a more holistic approach when securing their data by examining the various security solutions available. While there are both advantages and disadvantages to blockchain, one thing is clear; as an industry, we need to look at all the solutions available – not just lay all of our eggs in one basket – and find ways to secure our information end-to-end and not just settle for the solutions that are hot for the moment.
Simon Bain, CEO of BOHH Labs
Image Credit: Zapp2Photo / Shutterstock