How Blockchain Impacts Enterprise Security and Operations
The continued expansion and use of cryptocurrency has always experienced growing pains, as recent events in 2022 show. But look further back to the major burst of 2018 and you’ll see that crypto has a way of bouncing back—even amid global economic downturns.
The potential for the blockchain technology behind it, is just getting started, especially within the enterprise. The same benefits blockchain technology provides crypto—reliability, efficiency, transparency—can support enterprises to increase efficiencies, reduce costs, create new markets, and ultimately improve the bottom line.
The adoption of blockchain is neither linear nor smooth, but one of the benefits of a burst bubble, or a deflating bubble, if I’m being optimistic, is the separation of wheat from chaff and the fakers from the genuine. I firmly believe blockchain will prove its resilience and use to a growing number of enterprises and public sector bodies around the world – especially when it comes to automation of data transfer and exchange of value.
In this article, we’ll review some of the foundational concepts related to blockchain technology and what Kudelski Security is doing to help enterprises securely deploy blockchain technology to improve operations.
- Kudelski Security’s Blockchain Security Center
- What is a blockchain?
- Is blockchain inherently secure?
- Three Considerations for Enterprise Blockchain Adoption
- Get in Touch
Table of contents
Kudelski Security’s Blockchain Security Center
It is with the benefits of blockchain in mind that Kudelski Security launched our Blockchain Security Center in early 2019. The BSC is wholly committed to helping the enterprise deploy, validate, and secure blockchain ecosystems.
Through our work over the past year and a half, our team has come across common scenarios, use cases, and ultimately, solutions to help enterprise adopters confidently design, develop, and run secure blockchain technology.
These solutions address pain points that are specific to the enterprise implementation of blockchain. Where previously, blockchain primarily supported one-to-one transactions, the stakes are much higher and the scale much bigger at the enterprise level.
We’ve seen three main factors emerge that enterprises need to bear in mind when exploring secure blockchain implementation:
- code validation,
- global scalability,
- and proof of provenance.
We’ll explore each of these a little deeper later in this post, but first, it is important to understand some foundational concepts about blockchain.
What is a blockchain?
A blockchain is a mathematically protected database that uses hashes, signatures, and algorithms to create a fixed record of transactions, known as a ledger. As transactions occur, a hash is generated that links it to the transaction before, creating a chain. If information within the chain is altered, the mathematical algorithm breaks in a way that indicates data has been tampered with. It’s complicated stuff, but with mathematics proven true – we know that we can trust information on a blockchain to have not been tampered with.
A blockchain is a mathematically protected database that uses hashes, signatures, and algorithms to create a fixed record of transactions, known as a ledger.
Is blockchain technology inherently secure?
While blockchain comes with some built-in protections, it does not inherently mean the processes and technology around it are secure. Therefore, security of the entire blockchain ecosystem must be considered.
While blockchain comes with some built-in protections, it does not inherently mean the processes and technology around it are secure.
Not only that, but the applications making decisions based on information stored in the blockchain can also only be as good as its underlying algorithms. If those aren’t secure, or if they don’t do what they say they will do, blockchain cannot be viable in the enterprise. That foundation is essential, and it is the foundation that we’ve built the BSC on.
Three Considerations for Enterprise Blockchain Adoption
In our work in the BSC, many of the enterprise client requests we have encountered involve at least one of the following activities:
- validating the blockchain
- scaling the blockchain
- proving provenance in the blockchain
For good reason, too. Each of these activities is essential to ensuring processes and technologies deliver the uninterrupted, enterprise-level service customers and the business rely on.
1. Validating the Blockchain
Blockchain is only as good as the math it runs on, right? For blockchain technology vendors and customers, validating that the blockchain does what it is supposed to do is critical to establishing and maintaining trust. The abstract, distributed nature of the blockchain makes it difficult to assess without deep expertise in cryptography. Private versus Public blockchains each come with benefits and risks, but the underlying mathematics, consensus, and provability must be shown to meet your standards.
I am lucky to work with some of those experts who can validate a chain. They are able to audit nearly any type of blockchain code or cryptography in order to perform assessments of existing blockchain architectures or to test new technologies. For example, a vendor could claim that their blockchain consensus mechanism is technically better and less prone to attack, but they have no way to prove that to clients. A code audit can verify those claims and create that trust.
2. Scaling the Blockchain
Blockchain is an immature technology that wasn’t necessarily built with the enterprise in mind. For one-to-one cryptocurrency transactions, a personal wallet or ledger sufficed.
However, as blockchain expands into digital asset custody for financial institutions or transportation monitoring for the supply chain, the number of transactions, users, locations, devices, etc. involved in the process multiplies.
These processes can be critical for quality and integrity of service. Any usable blockchain ecosystem must be designed to support and integrate with the global architectures, access management, and IoT platforms they interoperate with.
3. Proving Provenance in the Blockchain
Provenance in the blockchain means tracing the origin or authenticity of an asset or data as custody is transferred through digital means or physical supply chain. It is a record of what an asset is, where it came from, and where it has been. As enterprises rely more on blockchain technology to automate processes and decision-making, proof of provenance ensures operational efficiency and reliability.
Take, for example, our supply chain scenario. Blockchain could facilitate an automated decision for whether to pay a delivery truck driver. Each transfer of the asset is recorded in the blockchain.
If the asset is what it is supposed to be and comes where it is supposed to come from, then there is no reason not to pay the driver. If, however, the asset has been tampered with, the blockchain would “break”, and payment would not be issued.
Get in Touch
If your organization has deployed or is thinking of deploying blockchain technology, our team would be happy to talk through the above solutions or any other requests you might have. Not only do we bring blockchain and cryptographic experience to the table, we have the expertise and services of the entire Kudelski Security team to help you securely integrate blockchain into your enterprise architecture. Get in touch with our team here.