October 18, 2016

Blockchain and the new era of trust

Markus Melin

Head of Tieto Security Services, Tieto

There is a vibrant buzz on blockchain that has reached our Northern shores as well.

For those of you who aren’t familiar with the term, here is a short explanation: a blockchain is a system that organises information about transactions between multiple and linked parties using encryption. It is a way to store and exchange information intact in a network consisting of inherently untrusted participants.

A blockchain organizes the information into entities called blocks. Each change in the chain is visible to all participants and builds on the previous block, making sure that no unauthorised manipulation of data can take place without it being noticed. Authenticity of the information stored in the blockchain is therefore secured only using the capabilities of the blockchain itself, without any external supervising authorities.

There are at least two levels to the current discussion.

There’s the pure geek level that covers all the technical aspects and details of this new architecture of securing a broad range of transactions in our beloved Internet. Then there is the more practical scope: what kind of business implications could blockchain technology bring?

World Economic Forum has gone quite far and labelled blockchain a megatrend. At the moment, especially the financial sector has seen great possibilities in securing financial accounting and transactions with the technique.For example, Overstock is the first major stock trading platform built on blockchain. Many other traditional financial players, notably including major stock exchanges and banks, are investing to the technology.  Also most digital currencies, including Bitcoin, use blockchain technology as their foundation.

Blockchains are about trust and thus the technology could be applied to the security field as well. Security is, after all, mostly about managing confidence.

As we have written also before, it might at present take a very long time to notice a data breach in an organisation. This is typically due to the combination of poorly managed access rights, complex data architectures and a false assumption of trust inside the enterprise perimeter.

Blockchain could be a true remedy to this problem.

As the value of each block in a chain has a cryptographic signature, is based on all previous blocks in the chain and has been independently verified by multiple independent instances in the network, nothing irregular can happen without leaving evidence.

For example, if all critical data accesses within an enterprise would be recorded in a blockchain this would make data manipulation near impossible. Instead of relying on the lack of evidence and the assumption that they have not been breached, enterprises would now have clear and undisputable record of whether a breach has or has not happened. This would not only dramatically reduce the time it takes to notice a data breach but would also greatly increase trust across entities collaborating on a blockchain network: compromising one organisation’s data could be immediately traced from the other counterparts in the network, thus benefiting all participants.

It is early days for utilising blockchains in the security industry. But the benefits are so obvious across a number of applications that it is just a matter of time before the security industry follows their financial counterparts to blockchain adoption. At best, distributed trust networks based on blockchains can create entirely new types of security ecosystems. Ecosystems, where the total exceeds the sum of its parts.

World Economic Forum has predicted that the tipping point for blockchain technology will happen in 2027. It may seem like a long way ahead but for those who want to be in the forefront, the time to start thinking differently is now.

Read more about our security approach here.

Stay up-to-date

Get all the latest blogs sent you now!