Data Breaches: A Decentralized Solution to a Typically Centralized Problem

Data breaches never cease to grab headlines these days. In fact, we hear of them so often that the destruction they leave behind may not even make many of us flinch anymore. As long as the data is somebody else’s, people might just choose to look the other way. But with more and more data breaches, the odds that somebody can continue to avoid the vices of data storage becomes ever more remote. The truth is, data breaches are a technological tragedy that the entire modern world faces and the problem is only getting worse. State and federal lawmakers continue their attempts to address the vociferous claims of breach victims but struggle to keep up with the tactics of hackers. Suffice to say, the consequences of these breaches only grow with increasing severity.

Additionally, the characteristics of data breach victims are disturbingly varied and come from all walks of life: patient data from hospitals and medical facilities; financial information of credit card and bank account holders; trade secrets; cellphone data; even identifying information and private messages of those cheating on their spouse. Okay, maybe the last one isn’t the worst, but it accentuates the point: nobody is safe.

Some of the biggest problems with these breaches are the fundamental mechanisms by which the data is stored. For example, in many data breaches, the data is stored in a centralized location, perhaps on a third-party’s servers or a local drive. There are plenty of problems with centralized data storage, chief among them being that the labor and time necessary to collect the data for the unlawful removal of it during a breach is significantly reduced since all the data is located in a specific and susceptible place. Comparatively speaking, it used to be harder for criminals to steal information. Criminals may have had to break into a business’s central location and drag the filing cabinets to the back of their pickup truck. If not hard, at least much more disincentivizing, given the lack of stealth involved in banging a loud metal filing cabinet out of a business’s window or back door in the middle of the night, or trying to sneak away boxes upon boxes upon crates of a client’s private information.

It is only natural to centralize important data and documents. The filing cabinet example accentuates that we have been doing it for years. Its just easier. No business wants to have to pull pieces of a file located in five different storage locations across town or across the country. We all want to walk to the shelf and see the entire file there. With computer hard drive storage and even early cloud storage, this workplace tendency has generally remained intact. But computer and cloud storage also introduced the methods criminals use today to quite invisibly steal the data without anybody at your business knowing until its too late (or maybe never knowing at all). Perhaps its time for a decentralized approach.

The potential benefits of a decentralized means of storage cannot be underestimated. If the data is accessible by anybody on a network but encrypted and scattered across the network, the data is not so easily the target of thieves. In this vein, the system is essentially taking the files in the filing cabinet and shooting the information on the pages inside the filing cabinet across the globe in every direction, simultaneously hiding the correct information behind code only decryptable by those on the network. In many regards, this is what blockchain attempts to accomplish. Blockchain, a technology largely still in its infancy, has the potential to bring traditional data breach hackers to their knees. This could be great news for businesses, especially considering blockchain also aims to make data storage cheaper, more consistent, and more available. Some skeptics do get weary, associating blockchain with Bitcoin and the economic turmoil that has come with cryptocurrencies of late. However, while blockchain is indeed the technology underpinning cryptocurrencies such as Bitcoin, blockchain has a bright future in data storage, accuracy, and management, largely independent from Bitcoin’s market issues. While there are nuances and caveats to any new technology, the potential here is great. Here are a few:

  • Blockchain consists of technological “blocks” containing data or information, which are then essentially added on top of each other into a “chain”. The collective chain has unique properties, one of which is that the information on the chain is permanent and time-stamped. It is immutable, which is imperative to data storage.
  • The blockchain network is composed of “nodes” which, in simple terms, act to validate the data through one of several consensus protocols that incentivize proving the data is, among other things, non-malicious. To add to the chain, the data typically must be accepted by a certain percentage of the network thereby ousting traditional breach attempts by rogue hackers.
  • Blockchain technology also allows for the possibility of “smart contracts” which are coded contracts that self-execute when the system recognizes that a predetermined set of criteria are met, which could be immensely useful to companies in the business of data transfer (such as banks, medical institutions, real estate firms, insurance companies, and the like). A hacker attempting a data hack would be theoretically overruled by the consensus protocol and the contract would not trigger.

Decentralized platforms of course come with their own issues. Any blockchain or crypto-enthusiast, probably knows about the various types of attacks that can occur on the decentralized networks in certain situations. There is also the issue of the scalability trilemma: that blockchain aims to render solutions for security, decentralization, and scalability, but can only truly possess any two of the three properties at one time. With time will surely come solutions or alternatives to the original platforms with these types of problems, as blockchain has been resilient in its methods for resolving issues in the past.

Ultimately, when considering enterprise shifts in data protection, any modern business would be smart to consider the growing decentralized options for storage available to them, including blockchain-based options. There may be no greater data privacy tip in present day than to educate your business, and/or IT department and legal departments, on the advent and enterprise opportunities found in decentralized data storage platforms. Your company will surely be grateful in the future. Data protection is the gift that keeps on giving; whether that gift is for the data owners or the data hackers is a story still being written.