What Blockchain-based Projects Must Consider
With the explosion of distributed ledger technology (DLT) as a safe and secure solution for transparently handling and sharing information across organizations, many businesses are jumping on the DLT bandwagon. Proponents of the distributed ledger technology known as blockchain consider it to be one of the best ways to secure transactions.
But while blockchains have many desirable features, such as transaction efficiency, there are still other conditions and requirements to consider when leveraging blockchain technology for business. The publication of DTCC's most recent paper on the matter outlines key risks associated with the use of the nascent technology and an acknowledgment of the many security risks still associated with its use for both small businesses and enterprises alike.
“With the adoption of DLT across the financial services ecosystem likely to continue to increase in the coming years, we need to be certain that all DLT-related security risks are identified and addressed to maintain the safety and stability of the markets,” said Stephen Scharf, Chief Security Officer at DTCC.
With hundreds of new blockchain-based products released each year, many of today's development teams don't consider the security risks associated with the use of DLT early enough on in the project development cycle. Infosec usually isn't on every founder's mind when they start projects, especially when it comes to pilots. Once things are in the air, often they are forced to take a few steps back once they realize they hadn't considered security performance and infrastructure from the get-go. Interestingly, the same is often true for blockchain vendors who are in a rush to get their products deployed.
The fact of the matter is, most don't consider the fact that all blockchains aren't created equal. It’s important for businesses to be aware of this fact when evaluating whether the technology they've chosen will have the proper security measures they require - both internal and regulatory.
For fintech solutions looking to meet security regulation standards, opting for a simple cloud-based solution often can do more harm than good. Trusting cloud providers can be risky business - or better yet, a major risk for your business. However you choose to look at it, while many cloud providers promise to keep highly sensitive data secure many also fail to do so as the recent WSJ's Cloud Hopper investigation revealed.
When establishing a private blockchain, businesses must consider the best platform for deployment. While blockchain has inherent properties that provide security, known vulnerabilities in any infrastructure can be manipulated by those looking to get their hands on yours or your customer's data.
Ideally, you should have an infrastructure with integrated security that can:
- Prevent even root users and administrators from accessing privileged information.
- Prevent illegitimate attempts to change data or applications within the network.
- Protect encryption keys using the highest-grade security standards.
Considering these capabilities before developing your DLT-based solution will ensure your blockchain network has the added protection it needs to prevent attacks from both within and without.