The blockchain is inevitable and it is coming. But before web browsers, do you remember how Internet was?
Blockchain, the distributed-ledger technology that runs bitcoin, could change the financial system. According to Wikipedia, a blockchain is a distributed database that maintains a continuously-growing list of ordered records called blocks. Each block contains a timestamp and a link to a previous block and are inherently resistant to any data modification.
Many companies are investing in prototypes investigating various blockchain technologies. And as soon as the prototypes have proven their value, big questions about production environments will rise. For example, how will we handle the people and processes behind this new technology – and how will we handle the governance? Clearly, these questions are relevant given the nature of it: a trusted, distributed and interorganizational database (ledger).
In today’s blog post, we’ll focus only on security and data privacy, as they are key concepts on an Internet-based transaction chain. And this becomes even more critical in today’s landscape, where data breaches are prevalent and privacy regulations such as GDPR are on the rise.
Blockchain technology uses keys for cryptography and data exchange. But as secure as the algorithms may be, and as sound the data encryption may be, some of the main factors that organizations need to manage are the people and processes. For example, some key concerns to take into account include:
- The checking of key/seed holder IDs
- Awareness of key compromise protocols amongst employees
- Identification of the current data infrastructure and how data flows through the systems to understand how to intervene
- Permission grant / revoke procedures and policies for bit-data
- Linking personal privacy policies to the right data sources
- Compliance with governmental personal data privacy regulations (e.g., GDPR)
- External audits and their frequency
- Audit trails for all data and user changes
- Data hand-over points between internal (legacy) technology and blockchain interfaces
Adopters of this new technology will be quick to state that proven cryptocurrency security standards will bring the solution, but that is only half the story. If you are really preparing production environments, you will also need to consider key storage policies, usage rights and policies, permission grants, audit frequencies, data sanitization, third party data management, proof of reserves, and so on.
For a good starting point on data governance, I would recommend that you read this e-book. And for other topics of interest, have a look at:
For example, smart contracts depend on the payment blockchain protocol. And financial systems are the lifeblood of every economy. So which strategy the blockchain-using organizations select, and which business model they commit themselves to, will have an impact everywhere. That’s why finding the right compliance, defining the right ownerships, policies, and more will be crucial part of blockchain’s success via data governance.
This is first in a series of blog posts focusing on blockchain and data governance. We will be covering various topics in the future, including oracles for external data on the blockchain and the importance of rules and reference data in smart contracts.
Contributing Author:
Stan Christiaens, Collibra Co-founder and CTO
Stan is the co-founder and CTO at Collibra and leads the global product organization. He’s responsible for product management and UX, Collibra’s Center of Excellence, and Collibra University, Collibra’s online learning platform. Prior to founding the company he was a senior researcher at the Vrije Universiteit of Brussels, a leading semantic research center in Europe, performing application-oriented research in semantics.
