When blockchain meets data breaches

How could blockchain improve security and data sharing? In part two of our interview, Andreas Freund of TCS explains
659 readers like this.
CIO Security

You’ve heard a lot about blockchain and its potential for making big changes to transactions, marketplaces, and more. But how will this technology affect your own organization during the years to come?

For perspective, we turned to Andreas Freund, Ph.D., global head of blockchain advisory for Tata Consultancy Services. Freund spends a lot of his time explaining to enterprise leaders how blockchain might affect their business and how those businesses can take advantage of this technology. In the second of a two-part interview, he shares his insights into some areas where blockchain protocols will make big changes - starting with security.

1. Security

Remember when large organizations had disaster recovery or mirror sites where their networks and data were duplicated in case a catastrophic event struck their primary data centers? The move to the cloud model, with hosting distributed over many data centers in multiple locations, made such disaster recovery facilities unnecessary.

“Our goal is to turn a billion-dollar bank into a billion one-dollar banks. The incentive to go after these little honeypots is much less.”

Blockchain could easily do the same for data security by creating distributed trust networks where there is no longer a single security perimeter. “I tell our clients our goal is to turn a billion-dollar bank into a billion one-dollar banks,” Freund explains. “The incentive to go after these little honeypots is much less than for going after one big honeypot.”

Today, a hacker might break into one system and make off with millions of identities. With blockchain, he says, “Even if you can penetrate one identity, you’ll have to extend the same effort to hack another and another.”

Decentralizing security – allowing it to be spread over many networks and in effect giving up absolute control – might be a highly uncomfortable prospect for many CIOs and CISOs. But, Freund says, it could be the only way to keep data safe over the long term. “We have looked at many, many models and found that any centralized security model won’t scale effectively,” he says. “And it will eventually fail.”

2. Sharing verified information

Then there's data sharing. “Here’s an example from healthcare,” Freund says. “When you try to look up doctors on a large insurance network, that information is very often out of date. So you have to call them to find out the current information.”

[ Read part one of our interview with Andreas Freund: Blockchain predictions: What it means to you. ]

The Health Insurance Portability and Accountability Act (HIPAA) and the Affordable Care Act (ACA, or Obamacare) put the burden on insurance companies to update information on providers in their networks, he says. But for companies managing large databases of providers, it can be challenging to keep up. “The intent is good, the outcome is not so good,” Freund says.

How can insurance carriers keep the information up to date, and make sure it’s accurate and that all listed providers are properly accredited? Blockchain can help, Freund says. “You can bring the ecosystem of payers, hospitals, and doctors, licensing and regulatory bodies together and say, ‘We can work together to create a decentralized provider registry where providers enter their information.’ They can do it from anywhere, and with blockchain, it can still be verified.”

The state of Illinois announced last month that it is launching a pilot program to do exactly that, working with the blockchain-based healthcare consortium Hashed Health.

3. Funding new projects

Some startups that might once have turned to venture capital firms, crowdsourcing sites, or even banks to fund a new company or project are now doing initial coin offerings (ICOs) instead. An initial coin offering is similar to an initial public offering, but instead of providing investors with shares, the company seeking funds provides them with tokens, usually purchased with a cryptocurrency such as ether. Tokens can act as a version of stock that can be bought and sold without involving a traditional stock exchange. Or they can function as rewards in a typical crowdsourcing campaign, exchangeable against goods or services once the project is funded.

If this sounds too exotic to take seriously, keep in mind that ICOs have raised more than $1.5 billion so far this year. And though not an ICO, Daimler turned heads when it recently issued 100 million euros worth of bonds in ether.

Minda Zetlin is a business technology writer and columnist for Inc.com. She is co-author of "The Geek Gap: Why Business and Technology Professionals Don't Understand Each Other and Why They Need Each Other to Survive," as well as several other books. She lives in Snohomish, Washington.