Blockchain – you might associate it with cryptocurrencies and the infamous Bitcoin. But there’s more to it than that. Especially when it comes to using it for business. But how does it work? And more importantly, how can it help you? First, let’s make an important distinction: distributed ledger technology vs blockchain. Less of a conflict, more of an origins story.
Blockchain – the golden child
Distributed ledger technology (DLT) is an umbrella term used to describe technologies that store data transactions between users digitally. They are decentralized databases where these transactions – from purchases of cryptocurrency to supply chain interactions – are trusted, and can’t be tampered with. Essentially, they are watertight ledgers.
As the first fully-functional DLT, blockchain rose to fame for its use in cryptocurrency purchasing chains. But within the last decade, the benefits of using blockchain for business – ultimately managing data and business processes more efficiently and securely – is taking center stage. Let’s explore blockchain’s two categories: public and private.
What are public and private blockchains?
In a public system, anyone can join the network, they can both read and write transactions. These systems are decentralized, meaning no user has sole control. Once data is validated on the system it can’t be changed. Public blockchains are popular for cryptocurrencies.
Unlike public blockchains, private systems place restrictions on who’s allowed to participate. Users are authorized with credentials, issued by a certification authority. Users are then allowed different privileges, whether that’s read-only, or whether they can input transactions on the data chain.
For businesses, private blockchain systems have huge benefits – whether it’s accelerating bookkeeping or accounting, reducing indirect costs of manufacturing processes and large-scale software, or just guaranteed authentic data transactions. And they’re becoming more and more popular by the minute.
According to the IDC Worldwide Blockchain 2018-22 forecast, total spending in private blockchain will reach $US 12.4b by 2022. But who is set to benefit?
Private blockchain in action
The financial industry is leading the way for private blockchain uptake. A major benefit is reducing the cost of cross-border transactions, which accounted for 27 percent of global transaction revenue in 2017, according to McKinsey. UBS and Barclays are experimenting with blockchain to streamline back office functions and settlement, which some in the industry think could save up to $20B.
According to CB Insights, a raft of industries will benefit from blockchain, including managing music rights, ride sharing, and even controlling the source and sale of cannabis. It’s clear that many companies are realizing the positive impact blockchain systems can have on their operations.
Here’s what the Chief Information Officer for Poste Italiane said:
Blockchain is not just a buzzword or a myth anymore, it’s becoming the foundation for establishing a distributed, transparent and cross-industry interoperable ecosystem.
Chief Information Officer, Poste Italiane (Member of the Hyperledger community)
Hyperledger is a collection of platforms, hosted by the Linux Foundation, designed to solve business problems using DLT, they include Fabric, Indy and Sawtooth to name a few. Components of the Hyperledger platforms are built around the confidentiality, integrity and availability (CIA) security triad model – which makes them very effective. It’s one of the oldest security frameworks connected to blockchain structure and it helps organizations structure their security strategy, especially when it comes to protecting important information.
In a nutshell, Hyperledger encrypts certain types of data within DLT. It uses cryptographic hashing – a method of coding that converts any form of data into a unique string of text – which means you can stop people tampering with information through impenetrable encryptions. And it has a decentralized nature, which means you’ll always have timely and reliable access to data. But like all new technologies, there are risks if it’s not protected correctly.
The risks of using DLT
There are still some things that can go wrong with DLT. Notably, encryption can’t protect your data transactions from corruption against software bugs and configuration errors. Similarly, data can be tampered with when there are security network breaches. Ultimately, having a DLT in place will make your data processes safer and more efficient, but if you don’t have the right endpoint products to protect them, you could still face trouble.
DLT risks and how to stop them
DLT risks exist in three separate areas:
This is where operating systems, databases and containers live. These components inherently have vulnerabilities, so the big thing here is making sure your system software is watertight. Notably, make sure everything is configured properly – including remote access for your employees – firewalls are up and running and finally run a vulnerability scan from external and internal network perimeters.
2. Business logic
This is where your chaincode is located. Essentially, chaincode is the ‘smart contract,’ – an agreement between two participants in the form of computer code. They can’t be changed, and can be executed without a third party (intermediate). The main thing is that chaincode needs to be executed in exactly the same way by every participant (also known as a node) of the network to avoid an inconsistency (indeterminacy) among execution results. A simple example here is a use of random numbers which will produce different results every time a contract is run, so it’s best to avoid such situations and should you need a random number within your contract, supply it from outside the contract environment.
Applications are the various software development applications interacting with your DLT. These are usually end-user applications, which are vulnerable to all kinds of human-related threats like phishing or malware. When thinking about how these applications are interacting with your DLT, it’s important to invest in endpoint protection, like an anti-virus software. It’s also important to perform application security assessments, like penetration testing, to see how cyber-secure your system really is.
So that’s the benefits and the potential risks of DLTs. So you’re probably asking yourself…
… to blockchain, or not to blockchain? To DLT, or not to DLT?
Yes. If your business can justify using a DLT, and the use case is right for it, then go ahead. You’ll be able to store data transactions safely, hiding them from unauthorized users and making them hacker-proof with encryptions. Just remember: to feel the benefits you need to protect your DLT with the right security software.