Visit an IT or CIO conference anywhere in the world today and you’ll hear about digital transformation. But it’s much more than just a buzzword. Organizations are desperate to tap the power of the cloud, mobile, social, big data and more to become more agile and innovative. The concern is that, if they don’t, their competitors will gain an overwhelming advantage, which could resign them to the scrap heap.
Yet security in this new landscape remains a challenge. IT teams need to better understand where the main risks are and what options are available to them. Blockchain offers some answers, but it’s not a silver bullet.
In the rush to the cloud, we see many organizations struggling to overcome their preconceptions about what security should look like in this new environment. It can be a challenge to get them to think not in terms of infrastructure security, but of app-centric security. The truth is that if you secure the application, it doesn’t really matter if you’re on-premise, in the public cloud or on a hybrid set-up.
It’s also important to understand that, in this new world, we’re moving from a closed approach to one where everything is open. Applications can communicate via web services with other applications all over the globe. So why aren’t IT teams also communicating as openly? We need all parts of the function, from security to infrastructure, OS and application teams to be co-operating closely to find ways to automate security processes. It’s the only way to ensure applications can communicate and operate securely and effectively in the new cloud-centric universe.
Unfortunately, security is still seen as a block on innovation. There’s a misunderstanding here that security can impact performance. Similarly, many organizations think that data encryption is just too complex and costly. Yet there are solutions out there that can take care of key management and ensure performance isn’t sacrificed for security.
Fundamentally, it comes down to education of the market. While organizations may be reluctant to implement data encryption or API-layer security, the appetite for blockchain implementations is huge. Yet is it justified?
It’s not that blockchain isn’t a fantastic solution in certain use cases. It’s great for establishing trust between partners in a network, to ensure transactions handled within an application are accountable. But is it necessary for the majority of organizations? The truth is that blockchain is really only useful if you’re using it to process and secure thousands of transactions per second, and have a large community taking part.
Unfortunately, many businesses are trying to jump on the blockchain bandwagon without understanding their own requirements. They need to start with a detailed analysis. What is the use case? Is the trust dynamic centrally important to us? Can we manage with existing technology? Distributed databases, or even a fat client sitting on shared storage, may be enough for your needs.
Going forward, there are a few use cases where blockchain could definitely add value. Think of an energy provider looking to validate customers when they have to exchange power consumption data. Or a bank that needs to securely open up its customer data to third parties, as mandated by the new PSD2 regulations.
But it always pays to think carefully before embarking on such expensive projects. In many cases, it may be worth consulting independent third-party expertise from an organization like NTT Security. The answer to your digital transformation challenges may be much simpler than you think.
To hear more from Rene Bader, click here to listen to his interview with Enterprise Times’ Ian Murphy.