The use of blockchains in business IT is still emerging as companies continue to explore new ways to use the technology. Its strength as a platform to build new generations of transactional applications that will allow users to establish trust and maintain high security for their data and processes is one of its greatest promises and attractions.
To help make blockchains more approachable, here are six best practices from Hyperledger that can be expanded and incorporated by businesses as they dive into blockchains to help their companies deal with their data, security and business processes in the future.
1. Secure today does not mean secure tomorrow
When people hear about blockchain, one of the things they learn about is that it is secure and cryptographically protected. With that information, they then often think they shouldn’t have concerns about using blockchain along with personally identifiable information (PII). The problem is that such an assumption fails to consider the future because as soon as hackers and other bad actors eventually break the cryptographic algorithms that protect such blockchain data today, then all that data will become a treasure trove for criminals. Regardless, developing technologies such as quantum computing could one day make successful attacks on the security of cryptographic keys possible.
So, when it comes to security, even with secure systems like blockchain, things are only as secure as they are today. Tomorrow there may be mechanisms to crack those cryptographic keys, allowing attackers to see all the information that’s put onto a blockchain. With that in mind, a critical best practice is that users should never put PII on their blockchains. In today’s use of blockchain, this best practice is table stakes.
2. Never store large files on a blockchain
Blockchains work by using large numbers of computers that are basically replicating data. So, when data is stored on the blockchain, it gets sent to every other node or peer on the blockchain network. When that happens, storage and compute costs can go up exponentially. To avoid those kinds of added costs, other means of storing and replicating that data should be used, including options such as the Amazon’s Simple Storage System (AWS S3), Google Cloud Platform’s Filestore or other cloud networks. That way, when users are storing big files, they are not paying extra to store, transfer and replicate multiple copies of the same data.
Instead, when using a blockchain, users can store a pointer or a link to a file but keep the actual data on whatever cloud platform they are using. They can also include a hash which notes the content of the file when it is stored, which can then be checked when the file is retrieved to see if the contents of that file have changed by checking it with the same hash algorithm. If it is the same, that tells a user that it’s unchanged and that somebody hasn’t gone in and changed its contents.
3. If you don’t want your data to be public, use a permissioned blockchain
Not all blockchains are public, where anybody has access to the information and can add transactions and read the data that’s in it. When enterprises want to keep things private, that’s where permissioned blockchains come in – data can be stored, accessed and used only between the partners who need to have access. That’s the main reason such permissioned blockchains exist. While things like Bitcoin and Ethereum are public blockchains, the Hyperledger projects are mostly permissioned blockchains. And that’s exactly why they are suitable for business. If your data must remain private, then use a permissioned blockchain. Some people call them private blockchains or consortium blockchains, but those normally fall into the permissioned blockchain space.
4. Create a governance structure for the blockchain
With blockchains, the challenges aren’t technical. Instead, the challenges involve the governance model that is chosen. To keep things working smoothly, it’s best to define the governance structure upfront and even before you dive into blockchain. For example, be sure to decide things like how new users or organizations will be added to a blockchain network, as well as how to determine if a user or organization should be cut out of the network. To protect the blockchain, the data and the rest, be sure to include a mechanism to deal with and remove bad actors who were previously allowed into the network. The governance structure can also address procedures for many other possible situations, as well as how to cope with the politics of the user group. Just remember, these things are still evolving, so those governance procedures will likely change over time. You can learn more about governance and how to manage it in blockchain networks via this webinar we did recently with MonetaGo.
5. Decide on performance and scalability requirements
Different tasks may require different blockchains. As a best practice, architects must understand the requirements for their specific use cases and ensure that their blockchains meet those requirements, just like they would evaluate for any other technology. Certain technologies fit better with specific requirements, so architects must decide on their trade-offs. Are they okay giving up scalability for performance or are they okay giving up the performance to get needed scalability? Those are the kinds of decisions that need to be made early on with each deployment and use case. With the different Hyperledger frameworks, enterprises can set up their own blockchain networks as needed. Enterprises might have multiple blockchains, one based on performance, one based on scalability, allowing them to hone-in on what the need.
6. Analyze blockchain business cases early
To ensure success for the project, says Jesse Chenard, the CEO of finance start-up MonetaGo, IT leaders should ask themselves lots of detailed questions early in the process about their goals for a blockchain initiative.
“You really need to analyze the business case and go through a checklist,” says Chenard. “Do multiple people need access to the data? Do you need an audit trail? Do you actually even need a blockchain? Does it make sense for us?” For some projects, the use of a database can be the right choice, according to Chenard.
Enterprises should approach the project by designing and building a strategy that will help the project reach its goals, and not just aimlessly look to create a blockchain just to dive into the latest technology, he says. At the same time, enterprise IT leaders shouldn’t try to plan ahead for every feature and capability for their blockchains because some will become more apparent later and can be added as the project proceeds, says Chenard.
Blockchain can be a great choice for projects that rely on security, controlled access, accountability, transparency and efficiency in a wide range of fields, from finance to banking, supply chains, manufacturing and more. Having well laid plans, goals and best practices can all help enterprise IT leaders explore the growing blockchain ecosystem as they work to capture its strengths for their businesses.