Adam Mazzocchetti Securely auditing a blockchain smart contract

I want my clients data to be secure!

Adam Mazzocchetti Blockchain Security

Unfortunately, third-party data breaches that cost large companies millions of dollars and affect 4.9 million people, such as the recent incident at Marriott Hotel group are all too common. We have been familiar with a number of high-profile companies in recent years that have leaked data about their customers through third-party security vulnerabilities. 

The unfortunate reality is that these kinds of security flaws occur again and again, and companies can do much more to reduce the risk. Consumer confidence is undermined when data is exposed through third-party security vulnerabilities, such as the recent Marriott Hotel Group breach. 

Today, there are new solutions to combat data breaches, and companies could transparently control the transfer of data from their own organisations. You can no longer blame external parties for getting data into the hands of a company, as was the case with Marriott Hotel Group. 

A Blockchain System can Prevent a Security Breach

Blockchain technology can do just that and restore trust by showing consumers exactly who has access and what personal information is shared. By requiring access to data on smart contracts, which are guaranteed to be executed, the scope for human error and compromise is reduced. 

Consider this: every time a company accesses an element of personal user data, it is guaranteed to be timestamped and stored on a public blockchain where it cannot be altered. Data access logging is part of the solution and provides users with complete transparency by recording how often their data is accessed. 

The second part of the solution is access control: the end user can revoke access to the company at any time. Revoking access does not require cooperation from the company and can be completely one-sided. 

Together, these two parts transfer the ownership of data from the company to the user, and access control essentially guarantees users the right to be forgotten. The liability of the company as custodian is reduced when ownership of the data is no longer in the hands of a company. 

As owners, users are no longer held in prison and are free to decide whether they want to move their personal data elsewhere. The benefits for users go beyond protection against abuse, but also to the security of their data and privacy. 

One of the great advantages of public blockchains is that a fully public database cannot be manipulated or controlled by outside parties. Future access to your data is guaranteed as long as it is stored by a demonstrably impartial and decentralised third party. Some argue that blockchain technology can be vulnerable to bad actors, but transparent and illegal blockchain solutions can create a layer of untrustworthy security. 

Can I Trust the Data Integrity?

As it stands today, consumers and app users enter data in the same way that they open a bank account or enter their personal information into an app. This personal data ends up in a company database, but consumers do not really know what happens to them afterwards. 

Even if an app agreement says that data may be shared, consumers are unlikely to read the fine print. Cambridge Analytica’s User Data Mining is a perfect example of where users “data is at risk of being misused and misused. More than 50 million Facebook users have been manipulated by accessing their personal information – while Facebook argued that it has breached its terms of service. 

We want to trust that companies and app developers will protect us, but time and again this “black box” approach has led to data leaks and has proven to be a failure. 

In fact, some of the largest and most secure companies, including banks, have no way of guaranteeing that they will not be hacked. Last August, Capital One suffered a hack that revealed the data of 106 million users. These users did not know their credit card numbers, bank account information or other personal information. 

A public blockchain can restore trust: companies can indicate that data is being shared, and a neutral third party can verify. This keeps data private and provides an alternative to the black boxes used today, such as credit card numbers and bank account information. 

Privacy 

A common question is: How can an unauthorised public blockchain respect users “privacy? If the database is publicly accessible, how can you guarantee that personal user data will remain private? 

This misconception is similar to the company’s original fear of the Internet, but it is a misconception that has persisted for decades. If the “Internet” is a public network that connects the whole world by connecting to it, then the data of an entire organisation becomes public. 

Relying on public infrastructure does not require the data to be public, which is, of course, the answer. Access to data on the Internet is controlled by a variety of tools such as firewalls, but public blockchains also control access to private data using a variety of technologies. 

These include hacking sensitive data, encrypting it and using zero-evidence knowledge that provides certain guarantees about the underlying data without revealing it. Blockchain technology encrypts and shares a reader – only computers that keep records secure increase security beyond impenetrable walls and gatekeepers, so companies can become targets for security breaches. 

The core value of blockchain is full accountability: end users can fully verify and verify that the system is actually working as advertised and verify it. 

There is no reason to trust a human operator to do his job properly or to fear that he will be compromised. If that is the case, what confidence do we have in the security of our data and the integrity of the blockchain? 

As companies move toward 2021, they should think about how to consciously combat data breaches, because if they blame third-party vulnerabilities, they will not be eliminated. Future – Thinking companies that opt for public blockchains early will see a competitive advantage that will bring them more customers over time, but don’t forget to make sure you securely plan your blockchain.