Tokenisation, ‘The Last line of defence’!

In military terminology, the last line of defence is where a strong defensive position is held so to hold enemy forces back and not allow them to pass. If in business terms, allowing the enemy/adversary to breakthrough, then the entire organisation would be at risk of being compromised, exploited and even being reputational destroyed. 

An interesting philosophy, which is important in the world of #datasecurity. 

What do you do with the one person who holds the sensitive data …? First you would consider all your options. A detailed assessment would had been made whether or not to place someone with important information within a high-risk environment. However, what is considered to be a high-risk environment in today’s technological business world. Like any contingency plan you would have options to remove the asset or response plan which provides you with certain IA’s (Immediate Action) on how to respond to certain situations. If these options are no longer viable then you are faced with your executive decision. In theory “you shoot that person to make sure data can never be given”. The example with the “famous cyanide pill” or taking his own life for the safety of others. 

In the world of cybersecurity shooting the person who holds the final password or presses a computer kill switch is not really an ideal solution…. but let’s keep that theory it in mind as a strategic choice but not in that actionable context…. So, what other options do we have? 

First, we need to understand the basics principle: The internet has NEVER been a safe environment, the concept of internet was openness, transparency and connecting each other. The Internet is a global network that comprises many voluntarily interconnected autonomous networks. It operates without a central governing body. With the increasing growth of the internet, we created amazing services and amazing knowledge share. As with every development in life, there are people who do good, people who do bad and people who are ‘greedy’. 

This sounds so basic, but this is happening with exponential growth and has been for the past 30 to 40 years on the internet. While in the beginning of the internet, people were careful, it developed to a mass adopted platform where we conduct our business, private entertainment, study, and developed a pre-conceived idea of a social safe virtual world community with over 4billion humans using the internet for their own use….at least most people still think this way….

The last 15 years of internet data has been the name of the game, Data is the new Gold. Companies have been proactively putting platforms on the internet for ‘FREE’ and making you the product. On top of that companies and governments decided to increasingly store that data on an internet platform called in general terms ‘CLOUD’. 

If you realise that the internet never has been built to be safe, you start to realise that for many years your precious data has been open to bad people. Define bad people … 

1. People who abuse your data for their own benefit 

2. Criminals who use your data for their own benefit

A lot of challenges arise at this point in time, because the internet has not been developed to protect you! Hence why would one of these platforms within the market serve you. 

Here, we get back to the term ‘Last line of Defence’ who is going to serve us, protect us and make the internet safe for our use. 

Some groups say it is in the hands of the users themselves. This in theory is a great idea, Power to the people concept, but in practice the individual users are unaware of the multiple vulnerabilities they are exposed to every second which they spend online. The lack of knowledge and understanding of risk plays a big part towards the theft of the user’s digital identity and leading to fraud. Ask anyone if they read the 60 pages of their favourite social media platform privacy policy….and or has it been explain to the user that all their data is being tracked, traced and monitored. It is an unfair position that, they are behind that ‘last line of Defence’ and misled into thinking that they are protected under a company’s GDPR compliance policy.

The double-edged sword is played by both Governments and Businesses. On one hand they can assure their customer’s or user’s that their information is being protected under GDPR guidelines and compliance however, on the other hand under GDPR guidelines information can’t be sold on, if the customer or user has opted out from their information being used. The track and trace element is implemented within the same process through cookies. If not understood and made aware of properly by the customer or user, then that data is captured within the data ecosystem quickly and distributed within a partnership sharing network. This can be multiplied quickly throughout other various partnership networks. Although the governmental law is getting more rigid for abusers and cyber criminals, it is still one rule for one and a different rule for others. The state-of-the-art software being used by big tech companies, hold too many flaws (and backdoors), which keep cybercriminals ahead of the market and CEOs are still in a free zone to choose commercial gain over customer safety. 

What holds the future of all those digital identities? 

One trend moving forward is TRUST, the people on the internet start to realise that they have power NOT to buy, register or give their information. Companies who understand this are going to increase their value massively and there is going to be a big shift in consumer behaviour. The movement that consumers are starting to sue companies who breached their personal data is one aspect that companies will definitely have to focus on their most valuable asset, their clients and employees. 

Another trend, which is still small but growing fast is that people decide to go offline. Several unditigise movements are growing, and people are wanting identity privacy whilst online or stored so they can feel safe and have quality of a digital life. 

And last but not least a movement that we should care and take action! The firefighters, the warriors, the ‘last line of defence’ It is in that category trend that we are looking into Tokenisation from cradle to grave. You have the human right to be treated with respect and be safeguarded. I always take this as an example, ‘the Police’, I cannot afford the police on my own, but as a collective we can all afford to be protected. 

If companies and people realise that with a tokenised databank, we can protect every element of our sensitive data, then Tokenisation is your best ‘last line of defence’. 

TRUST and Value will come back, and people will feel safe when they use a service or platform that is properly protected and have customers or user’s digital identity best interest at heart, because one thing is a fact, we are all connected, and what we don’t want is for intrusive exploitation into our digital footprint and digital identity whenever on or offline.