In the last article, we explored potential uses for blockchain technology in records management and information governance. Several startups have pilot projects for blockchain records management software, but none have been brought to market yet. Once blockchain software solutions are available, organizations thinking about a switch to blockchain should carefully consider the ways the software addresses some of these key challenges and technical hurdles. This will help ensure the software is right for their organization before investing in blockchain technology.

Validation

An organization would first need to ensure there is a feasible way to validate new blocks. Then, it would need to decide whether this process should be public or private. The software’s validation system and whether it uses public participation are critical factors to the overall security and usability of the blockchain software. For example, Bitcoin uses a “proof-of-work” validation algorithm intended to be difficult. This method spurs fierce competition among a global audience of “miners” and “nodes” that validate each new block. This works well for decentralized payments, but it might not be practical for enterprise records management. Having each public node maintain a full copy of the blockchain ledger raises serious information privacy issues. Unless the public can validate blocks without being able to read the plain text of each block’s underlying contents, this format won’t be feasible for a private organization managing sensitive non-public information.

Rather than involving the public in the validation process, it would probably be best to have a “walled garden” of a few permissioned private participants without compensation, instead of tens of thousands of permissionless public participants. This system might use only a handful of servers at a few strategic corporate locations or, at most, one on each employee workstation. In this case, blocks would need to be easy to solve so employees could add new blocks without relying on luck or wasteful computation. However, a difficult validation algorithm is a source of security, so simplifying the algorithm and validating in private increases the risk of cyberattack. The easier it is to validate new blocks, the less secure the system becomes.

One potential way to resolve this issue is an alternative validation method called “proof-of-stake.” In this format, solving blocks depends on the amount of a “resource token” a miner holds rather than their computing power. This means only the holders of tokens (e.g. a corporate records manager or IT admin) can generate and validate new blocks. But while this initially appears to be a promising solution, some experts warn that proof-of-stake validation is not secure.

Data Storage

Another big issue is what data to store on the blockchain itself. Ideally, you would store entire records and their change history in complete form on the blockchain. But if the blockchain ledger is open to the public rather than closely held by a corporate user, the ledger would soon grow to an enormous size. Even for a single organization using its own private blockchain, the size might be easily manageable at first, but over the years it could become very large.

You could shrink the ledger to avoid this problem. If the ledger only contains an index of check-ins and check-outs that reference the underlying files and data, it will be smaller. This would fix the space issue, but you wouldn’t get the full benefits of blockchain.

One proposal, called “sharding,” seeks to resolve this problem by breaking the blockchain into manageable pieces and having each node store only a small fragment of the entire blockchain. However, the practicality of this idea is far from certain.

Data Permanence

Another hurdle for blockchain records management software is how to handle the permanence of blockchain data...

To read more about permanence at: https://www.zasio.com/blockchain-for-information-governance-vetting-a-solution/

 

Author: Frank Fazzio, Analyst at Zasio Enterprises, Inc.