Blockchain, or more broadly, distributed ledger technology (DLT), is no longer simply a curiosity to think about – it’s here to stay. Though estimates from analysts vary, most agree that the global market for blockchain technology will be worth over $20 billion by the end of 2024. While there are a number of interesting use cases, perhaps one of the most interesting ones is data security.
In 2018 alone, there were around 1,250 data breaches in the United States, and this trend is only continuing to worsen year over year. If distributed technology ledger can mitigate this, even just a little, companies will want to invest in whatever solutions DLT might offer.
What is Blockchain/DLT?
Distributed ledger technologies, including blockchain, can be used to keep data and information secure. DLT applications function much like traditional applications, but offer a unique replacement to the data layer that is designed to manage and secure transactions.
In DLT, the ledger is essentially the log of all transactions. Instead of living in one central database, the information is distributed across a network of nodes. Each node is kept in sync with all others.
In a blockchain, the transactions themselves are stored on encrypted blocks of data. The transactions are validated through a consensus mechanism – a mathematical formula which is then sealed with a unique cryptographic “hash.” Each block also contains a hash of the data in the preceding block, meaning DLT is write-only and one can’t be deleted. Each time the chain is updated, the new hash contains the hash of the previous block. This forms a chain, thus the name blockchain. All nodes on the network receive a copy of the block and verify it to ensure that it’s secure and valid.
Blockchain is just one type of distributed ledger technology. Another popular version is Hashgraph, which utilizes a different means of consensus to validate transactions. Hashgraph and other similar Directed Acyclic Graphs (or DAGs) solve some of the time and processing constraints that can be an issue with blockchains.
There are two types of distributed ledger networks: public and private. In public ledgers, anyone can join the network and add a node onto it. In private permissioned ledgers, users must have permission to join the network and add a node. In either case, DLT solves the issue of trust: public ledgers enable two parties who don’t know or trust each other to transact securely, while in private ledgers, the participants already have a degree of trust, but require additional layers of provenance and security.
Securing Data with Blockchain
Whereas data in traditional databases can be deleted or manipulated without consequence, data in a DLT, as stated above, cannot. Whenever a transaction is processed, it must be transmitted to every member of the network and they each must verify the transaction to ensure that it hasn’t been tampered with. Each transaction that is added needs to have the entire network validate it using a consensus mechanism. If anyone attempts to create a fraudulent transaction, they need to trick a large enough percentage of nodes on the network to achieve consensus. Therefore, creating fraudulent transactions is extremely difficult, making the success of such attacks nearly impossible.
The hash code in DLT also helps to increase security, as each node has a unique code to identify it, which also contains the hash of the node that came before it. This makes it easy to track changes in the network. Each transaction is, in-essence, time-stamped and tamper-proof, providing an auditable, immutable chain of custody around who made changes to the data and when they occurred. This helps to detect when anomalies appear and which user was responsible for the fraudulent data. All data stored in the system is also highly encrypted, making it difficult to hack the system and steal the stored data.
In security, one looks at attack vectors. Normally, the fewer paths of possible penetration, exposed surfaces or attack vectors, the better. However, recent history has shown us that often times the reverse can be true. When bad actors—hackers— know which database or company they want to attack, they can concentrate their efforts. They know where to look. One of the advantages of DLT is there are countless nodes. It becomes mathematically challenging, if not impossible, to coordinate an attack when there is no central repository of data. It is difficult to know where to focus an attack.
Why You Need DLT
As more data is created and shared, users are becoming less trusting of how organizations are using and securing their information. The fact that DLT can improve this, perhaps even giving users more control over their own personal data, is potentially game-changing. For companies in highly regulated industries, such as finance or healthcare, blockchain also allows for a greater ability to meet regulatory requirements on how data is stored, managed and accessed.
As the broader business and technical community continues to discover the capabilities of blockchain, and gain comfort in implementing it, we will see an increased shift towards DLT based solutions to secure the most valuable asset of the digital age: information.