Last year broke all records for data breaches according to IBM X-Force Threat Intelligence Index . With over four billion records stolen last year,businesses have an increasing financial incentive to protect their data.
A number of industry guidelines and government compliance regulations mandate strict governance of sensitive or personal data to avoid data breaches. Within a corporate environment, for example, the Payment Card Industry Data Security Standard (PCI DSS) dictates who may handle and use sensitive PII such as credit card numbers, PINs and bank account numbers in conjunction with names and addresses. Within a healthcare environment, the Health Insurance Portability and Accountability Act (HIPAA) regulates who may see and use PHI such as name, date of birth, Social Security number and health history information.
A data breach is an incident in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve personal health information (PHI), personally identifiable information (PII), trade secrets or intellectual property. In spite of following all well known guidelines and implementing DLP software products, organizations are facing huge problem of data breach. Many times data breach is done by insider to the organization and hence this makes it very difficult to prevent the data breach.
Traditional encryption for data-at-rest and data-in-flight rely on a robust encryption algorithm, centralized encryption key management, and thorough auditing to make sure everyone is playing by the rules. Blockchain has the capability to remove the need for a trusted third party with data sharing and enhance auditing capabilities for organizations to quickly spot inside and outside threats.
How Blockchain can prevent data breach-
Blockchain is a distributed, immutable database (open distributed ledger) that is autonomously managed without the need for a trusted third party. This makes it the ideal candidate for a variety of data security applications and the information security world has already begun to take notice.
It’s core algorithm relies on two kinds of records: individual transactions and transaction blocks. Blockchain’s code first makes each transaction into a unique hash value. The hash values are then combined in a hash tree, or Merkle Tree, with a specified group of hashed transitions creating a block. Each block is given a unique hash that includes the hash of the prior block’s header and a timestamp.
Since each block’s header includes the hash of the prior block, the two are linked, creating the first links of a chain. Since this chain is created by using information from each other block, each link is immutably bound together.
If any hacker has to hack and tamper Blockchain data, then the hacker has to decrypt the block which is hashed with a strong algorithm which is very difficult. More ever this block has link to previous block and hence the hacker has to hack the previous block and previous block and previous block .. and decrypt all these blocks in a single run makes it impossible to hack.
The Blockchain revolution is just in it’s infancy. Venture capitalists worldwide are pouring billions of dollars into research and development. As well they should, as Blockchain promises to address some of the vulnerabilities of our current data security.
Read my other articles in blockchain series –