Such digital assets can serve as the actual asset itself such as a Bitcoin ‘key’, or as proxies for legal rights associated with material assets through tokenisation. Financial institutions and disruptors have led the way int he development, deployment and use of digital assets, but other industries are now starting to engage, based upon the ability to transfer right in, or ownership of, literally any material asset, digitally.
External hackers represent a significant threat that must be secures against, and cybersecurity solutions to date have focussed heavily on ‘high wall’ perimeter defenses, more recently combined with an ML/AI overlay (e.g. Darktrace) to provide warning of a typical behaviour or breach.
However, by far the biggest risk (which is often undisclosed to avoid reputational damage) emanates from internal actors and channels. There are three core vectors therefore that must be considered and addressed in any full solution: External attackers obtaining internal credentials; users bypassing carefully designed processes and safeguards to simplify their daily tasks; and administrators with authority to manage (and subvert) access protocols.
Complex security, authentication, and enforcement policies work only if they create little friction in users’ daily lives and only where they cannot be subverted by those entrusted to protect digital assets.
There is a trade-off and tension between maintaining security without compromising usability and maintaining enforcement as the environment scales. Solutions generally involve a compromise in at least one of these dimensions in order to deliver against the others. For example: hyper-secure but unusable; and/or Limited ability to scale; or scalable but insecure and unenforceable in a flexible way.
Lacero has been designed to enable owners of digital assets, and indeed any data, to take back secure control through the definition, publication, verification and enforcement of sophisticated, granular data policies at scale, in a highly usable manner for their administrators and users. At the same time, Lacero allows enterprises to shift policy enforcement away from internal infrastructure where it is vulnerable to internal malfeasance.
Unlike existing centralised policy engines which present a huge attack surface, typically exclusively controlled by an internal administrator with all the associated risks, these policies are expressed as smart contracts operating across the Blockchain.
Interested to know more? Download the whitepaper here