You’ve probably heard about Bitcoin, the virtual cryptocurrency that has often been associated with illegal activities and the “dark web.” Indeed, it’s been a favorite way for drug dealers, for various criminals, and for hackers who take over machines and then demand “ransomware” to get paid.
Since Bitcoin transactions are secure and essentially untraceable, it makes life much easier for undercover transactions. Of course, there are many legitimate uses for Bitcoin as well, and many mainstream institutions have begun accepting it as payment.
Bitcoin and similar types of cryptocurrencies are based on a technology called blockchain (although there are some competitors, Blockchain is currently leading the field in vendor support and R&D). Blockchain in its simplest form provides a mechanism so that each step in the process chain has the ability to add data to a protected ledger and to determine that the data has not been changed or altered in any way. This creates a fully audited trail of any and all activities for a specific data set related to an activity or process.
In this way, blockchain provides for an unalterable history of all transactions and verifiable database of activities for use by any applications needing access to the ledger. Clearly this is important in any high value transaction that must be prevented from being forged and/or hijacked. Which is why blockchain is so attractive as a financial vehicle.
Use of blockchain in financial systems continues to expand and will be an increasingly important technology going forward. But blockchain capability may actually be as or more important to enabling a growing number of high value IoT functions that must also be effectively protected.
In the important field of the Enterprise of Things (EoT), having proof of unaltered data is often mission critical and can make the difference in a life or death situation, in hazardous response requirements, or in many other high value interactions/operations.
For example, imagine health related data from some monitors that could control life or death situations, being sent to the cloud for processing. How do you know that data is legitimate and unaltered?
Or perhaps a company is shipping very expensive drugs that must be maintained at a particular environmental level to remain effective. How do you verify the monitoring data is valid when high-priced product sales are at stake?
Or you may be monitoring data from a power plant or other large public facility. How do you verify the data has not been altered to mask some form of tampering that could cause the plant to fail, or worse? Or data sent from an operating automobile or truck? Or airplane?
There are a large number of such potential uses for EoT generated data that are of extremely high value and any attempts at altering or “spoofing” such data could have potentially monumental consequences. Which is why data protection and verification is of such high importance to many critical EoT solutions (and often overlooked and/or neglected).
Many companies are investing in blockchain technology as part of their infrastructure capabilities. For example, IBM as part of BlueMix has been promoting use of blockchain in its software targeted at financial institutions. But it may be equally as important to IBM in enabling Watson and its cognitive services for many industries required to fully verify all data before it is analyzed and acted upon.
And IBM is not alone. Microsoft Azure has made available a blockchain-as-a-service environment, as has Amazon (AWS). System integrators like PwC and Deloitte provide blockchain services. And the list is growing. In the next 1-2 years, I expect nearly all the major infrastructure vendors to offer services based on blockchain or a similar audited ledger technology.
So what does all this mean to the emerging field of EoT? As more and more organizations find ways to exploit the benefits of an EoT environment, they will be faced with a real security dilemma that requires a way to fully audit and verify that the data generated by the “things” and acted upon by analytics and automated workflow systems has not been compromised in any way. This is not only a nice to have, it’s potentially a requirement to prevent catastrophic circumstances.
While not the only way companies will have to deal with security in an EoT environment, blockchain and similar technologies offer an important step forward in making EoT safe from hacking and/or hijacking. I expect many vendors to start addressing such needs with targeted offerings. Companies serious about EoT need to fully examine the benefits of such a technology as a key component of their strategy going forward.