How can organisations investing in Blockchain solutions prepare their security team for the impact of the technology?
Craig Nel, Mobile and Cognitive Experience (MCX) Leader at Oracle Middle East, Africa and Turkey.
While Blockchain is widely seen as one of today’s most disruptive emerging technologies, there is still a limited understanding about it, with business use cases tending to be of a high-level view with little clarity given on the core aspects and any potential trade-offs of implementation.
This is an issue, given that there are many technological elements required to build a Blockchain solution, and being early in the life cycle, in many cases, the exact solution required does not come as an off-the-shelf answer.
A big challenge for many organisations is where to start.
What to consider before implementation?
With Blockchain, enterprises will be looking at massive changes to their business models, the key will be interoperability across the Blockchain, regardless of the entity; and that will depend on protocols.
In a consortium model, organisations in a Blockchain network will need to develop a governance framework that includes legal agreements, rules for joining, arbitration and revenue models that specify who pays for and operates the network.
Perhaps the biggest challenge to implementing Blockchain is the psychological shift that must take place both within and across participating organisations. With a Blockchain network, it’s no longer your data or my data, it’s our data and our smart contracts that operate on it to reach agreed results.
To ensure success, Blockchain applications need to start with a solid understanding of the problem to be solved.
Take Nigeria Customs Service (NCS) for example. NCS piloted Oracle’s Blockchain-as-a-Service, which allows it to document and track products manufactured locally, right from the source of licensing and permits for manufacturing, to distribution and point of sale.
For each new use case, the applicability of Blockchain technology versus using a centralised database should be assessed across several criteria.
Having determined a fit for a Blockchain solution, the implementation needs to be considered against key variables such as the level of trust required in the network and the likely complexity. The level of trust typically determines whether a permissioned or permission-less Blockchain is required, and what typical consensus protocols are available for use.
Currently, most business-oriented frameworks are ‘permissioned’, but there are also implementations that use a ‘proof-of-elapsed-time’ consensus protocol. Similarly, most modern business-oriented Blockchain frameworks are feature-rich, to support things like the ability to implement smart contracts, requiring automatically executing business logic based on external input and verified by all nodes.
Other considerations guiding the choice of Blockchain framework are around implementation, interoperability and security. These include mistakes in smart contracts that can lead to unwanted behaviour; and little standardisation, meaning that all parties need to choose the same technology stack.
Understanding the technology
With such wide-ranging possibilities, there is no surprise that Blockchain has the potential to enhance the quality of service delivery while improving confidentiality and integrity of data.
In summary, Blockchain’s long-term success is particularly dependent on early decisions regarding its implementation framework. The complexity needs to be understood and securing the right skills and capabilities for the team is key, especially for a secure and future-proof implementation.