3 Key Takeaways About Distributed Ledger Technology and Data Security
- Distributed ledger technology is fast becoming one of the most effective methods for protecting companies against cybercrime.
- Replication of ledgers produces multiple, distributed backups that make it practically impossible for a threat actor to locate and encrypt every piece of code.
- Distributed ledger technology even works for companies with many internal endpoints, and for those working with third-party service providers.
NetDiligence® President Mark Greisiger and TrueNode Tech CEO/Founder Geof Wollerman discuss these takeaways and the advantages of distributed ledger technology as one of the best practices to improve overall data security and defend against common threats, including ransomware. Read the synopsis below, and watch the video for their entire interview.
MG: Within the backup world, Geof, I’m interested in your technology. It’s essentially a distributed ledger technology for backups. Thank you for being here to talk about it.
GW: Thank you for having me. I’m happy to talk about distributed ledger technology, specifically in the realm of backups, because data security is a huge concern these days for companies of all sizes—not just global enterprises but small businesses, too. You name it, it seems like everyone is getting hit in some way by some kind of cybercrime.
MG: One in three claims within the cyber insurance world are related to ransomware. I’ve talked to a lot of incident response experts who assist clients daily with it. They say almost 50 percent of the time, the threat actor got to the customer’s backup systems, leaving the customer few choices of what to do. They would most likely have to pay the bitcoin demand because the backups were already encrypted. So how does distributed ledger technology keep customers’ data secure and immutable?
GW: When you talk about attackers getting a hold of backup, that’s a big part of how we take away the data security threat. There is no access to an entire system or database when the company uses a distributed backup approach.
The term “distributed ledger” is almost self-explanatory. It comes from accounting: It’s a ledger book that keeps track of numbers. In the case of IT, it’s not just numbers, but data, too.
Distributed ledger technology takes the original set of data and replicates it several times. With our technology, Hyperion Node (HN), we replicate it a minimum of three times to improve data security, but spin up additional replications depending on how often the data is used and how big the client’s network is.
This redundancy takes away the value of an attack and makes the data immutable—unalterable, always valid—and secure. These different versions and copies of the data basically check against themselves to make sure they’re true and accurate. If one copy is altered or corrupted or, in the case of ransomware, encrypted, the system will simply recognize it as not like the others. It’ll basically ignore it, delete it, and spin up another replication to replace it.
It would be impossible for an attacker to locate every piece of data and encrypt them all. Right now, with a lot of cloud providers or on-premise servers, there’s a single point of failure. Once an attacker is in, they have access to an entire database, often with tens if not hundreds of thousands of pieces of personal private information.
We split that database up so there’s only access to one of these little pieces, which, from an attacker’s standpoint, has little to no value. That’s how to keep customer data secure with distributed backup.
MG: You mentioned Hyperion Node. How does it protect against these database security threats?
GW: If a client system is entirely on Hypernode Node, or even just their backups, there’s no way for an attacker to access that entire database or backup. All they would be able to potentially track down and find are these little pieces. Those pieces are all hashed and encrypted themselves, so they all look the same.
If an attacker finds a server holding one of these backup pieces, it would also include little pieces from other companies or users. There’s no way to identify any of the data to know what it is or who it belongs to.
They could hold a piece ransom if they wanted to, but the system just ignores it, recognizes it’s invalid, and spins up another replication, taking away the value and incentive of attacking.
MG: What about a company using many internal endpoints for their data? Is it harder to secure?
GW: Right now, the way a lot of cloud providers and systems are set up, it’s up to the client to secure endpoints individually and make sure certain people don’t have access. But they have to actively go out and do this.
Hyperion Node technology starts from a completely different premise: All data is by default secure and inaccessible except to the primary administrator who set up the account. It’s up to that administrator, or sub-administrators under that administrator, to determine who has access to data and the scope.
That determination can go down even to the column level on a table. If a user is working with a table with personal information—first name, last name, and some of those columns are Social Security numbers or credit card numbers—the system allows those columns to be encrypted and not visible to certain users without access.
In the case of data security breaches, with multiple endpoints in a company, a company using HN for backups to protect against attacks, every one of their employees with a computer within the company can also install HN, even if they don’t have access to or don’t even work with the data. HN will immediately recognize the computer as part of that client’s network and protect it against breaches and other attacks.
MG: A lot of our customers insured for cyber risk outsource to third-party service providers. How can they protect against outside access to their data and other vulnerabilities?
GW: It’s a great question because many companies work with a lot of different third-party service providers. Providers can be given access with very specific parameters— such as, for a certain week, from this date to this date, they only have access to this particular type of data, even as far down as a column or row in a table, but can’t see the personal private information in that table.
What we’re doing is putting users back in control and ownership of their data and being able to determine permissions.
MG: Geof, thank you for the summary. Distributed backups are becoming a huge safeguard many cyber underwriters now require customers to have. I think our viewers will be especially interested in learning more about the benefits of distributed ledger technology and how it makes backups immutable.
Watch Mark and Geof’s full discussion about distributed ledger technology today.
As founder and CEO of TrueNode Tech, Geof’s Hyperion Node distributed-ledger cloud database engine secures against breaches and other cyber attacks. If you have questions about the advantages of distributed ledger technology, click here to contact him, or find out more in the eRiskHub. Click here to contact Mark at NetDiligence.
Ready to bolster your organization’s cybersecurity with an incident response plan? Find out more about our turnkey incident response plan, Breach Plan ConnectⓇ.