Data Security & Blockchain
Blockchain-based supplier information management
Creates a source of supplier information and digital identity using the cryptographic security of blockchain.
Suppliers offer buyers immediate access to their data (regulatory, compliance, legal, etc.).
Simplify and accelerate supplier qualification, onboarding & lifecycle management.
The Power of Blockchain
Records are copied and continually checked by algorithms to prevent data from being altered or hacked
Any changes to records are saved as a new version and linked to prior versions for auditability
Data privacy is ensured through complex cryptography & nothing gets stored as readable text
Conventional systems are open to fraud, error and inefficiency
Each participant has his own, separate database, or ledger — increasing the possibility of human error or fraud
Often laden with manual processes, resulting in frequent delays and inefficiencies
Shared databases cannot prevent malicious activity. Hacked entities can corrupt or destroy data in the shared database, making it invalid for everyone involved
Reliance on intermediaries for validation creates inefficiencies
Blockchain is designed for security
Single, shared, tamper-evident ledger — once recorded, transactions cannot be altered
Data is guaranteed to be valid and reconciled against the data held by the others participating on the Blockchain
Provides levels of error checking and transaction validity not obtainable in regular shared databases
Immutably records all details of a transaction end-to-end, reducing vulnerabilities
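The two properties claimed above (changes saved as new versions linked to prior versions, and a tamper-evident ledger reconciled against the copies other participants hold) can be shown with a small hash-linked version history. This is an added illustration, not TYS code or the record format of any blockchain platform; the field names, the SHA-256 linking scheme and the function names are assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed placeholder "previous hash" for the first version


def _digest(version, prev_hash, data):
    """SHA-256 over a canonical JSON encoding of one version entry."""
    body = json.dumps({"version": version, "prev": prev_hash, "data": data},
                      sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(body.encode("utf-8")).hexdigest()


def append_version(history, data):
    """Record a change as a new version linked to the previous one."""
    prev_hash = history[-1]["hash"] if history else GENESIS
    version = len(history) + 1
    history.append({"version": version, "prev": prev_hash, "data": data,
                    "hash": _digest(version, prev_hash, data)})
    return history


def first_broken_version(history):
    """Return the version number where the chain stops verifying, or None."""
    prev_hash = GENESIS
    for index, entry in enumerate(history, start=1):
        expected = _digest(index, prev_hash, entry["data"])
        if (entry["version"] != index or entry["prev"] != prev_hash
                or entry["hash"] != expected):
            return index
        prev_hash = entry["hash"]
    return None


def matches_peer(history, peer_head_hash):
    """True only if this copy verifies and ends on the same hash as a peer's copy."""
    return (first_broken_version(history) is None
            and bool(history) and history[-1]["hash"] == peer_head_hash)
```

An in-place edit to an old version fails `first_broken_version`; a copy whose hashes were all recomputed after the edit verifies on its own but fails `matches_peer`, which is why the copies held by other participants matter.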
What security standards does TYS follow?
TYS information security policies have adopted COBIT principles to the largest extent possible. These include meeting stakeholders’ needs, covering an enterprise end-to-end, applying a single integrated framework, enabling a holistic approach, and separating governance from management.
TYS also follows the ISO standards of ISO 27001 (international information security standard), 27701 (privacy information management systems / GDPR) and 27014 (governance of information security), and ultimately plans to become ISO 27001 certified.
TYS is in the process of undergoing a SOC 2 audit certification and will conduct periodic audits in the future to ensure continued compliance.
Is my data shared with everyone in the network or can I restrict access to it?
No, it is not shared with everyone; data owners have control over who accesses the data they store in TYS. This is accomplished through user credentials, role-based access privileges and the sharing of cryptographic keys. When a user logs in, their credentials are validated and they are given access to the role(s) their organization administrator assigned. If they have the appropriate role, they are able to access the data of any organization that has given permissions to their organization, accomplished behind the scenes through the sharing of keys. For example, a user from a buyer org has access to data from all suppliers who have agreed to share their data with that buyer org.
While each member organization that operates a cluster will have a copy of the entire blockchain ledger on its nodes, they can only view a supplier’s data if the supplier gave them access as described. In the application, suppliers are only aware of buyers whom they’ve received an invitation from, and cannot see other suppliers. After receiving an invitation, a supplier can choose to share their detailed profile data with the buyer.
How do you handle PII data?
TYS complies with privacy laws such as GDPR and follows the ISO 27701 Privacy Information Management System international standard when managing PII data. Since blockchain ledgers are immutable, TYS stores PII information off-chain so that ‘Right to Forget’ and other subject rights outlined in GDPR can be met. PII data is encrypted with the data owner’s organizational keys and is under the control of the owner (i.e. Supplier or Buyer). It can be shared at will by the owner with other permissioned members of the TYS network and also deleted at will.
Is encryption in place for data in transit and at rest?
Yes. TYS data confidentiality is preserved by encrypting it whenever possible. Member organizations have keys that enable them to encrypt blockchain data and any PII data they commit off-chain. Other off-chain data is natively encrypted at rest, and data in transit is always protected using HTTPS or TLS.
How is my data backed up?
Backup and recovery of the ledger is native to the blockchain and TYS implements this by having multiple nodes in different zones and regions, with an identical copy of the ledger on each. Any node that fails will automatically sync up with other nodes upon recovery to update its ledger, meaning every node is considered a backup and blockchain data processed by TYS is never lost.
Off-chain data is replicated in multiple instances of each off-chain database; some are read-only and one is read/write. Off-chain data is backed up every 24 hours and the backups retained for 30 days.
TYS tests all backup mechanisms once annually.
What is your password policy?
First-time users are emailed a registration link that leads them to a web page where they create a user ID and password. A 6-digit verification code is then sent to the email address to validate it, and the user must enter this to gain initial entry into the application.
Passwords must be 8 – 15 characters long, contain both upper and lowercase letters and a numerical digit, and be changed every 180 days. Passwords are always encrypted and their hashes stored off-chain.
SSO is enabled for TYS, using OpenID Connect or SAML. If utilized, users must observe their organization’s password rules.
What security measures are in place around user sessions?
TYS verifies the user’s ID, password hash, and existence of a valid X.509 certificate before granting application access and opening a new session. A user can only run one session at a time. Sessions are not open-ended: each user is issued a session token upon login that will expire once the length of a user’s inactivity exceeds a certain time, or if the user begins a new session outside of the current browser window.
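The session rules described above (one session per user, a token that expires after inactivity, and a new login ending the earlier session) can be enforced server-side as in the following sketch. This is an added example, not TYS code; the class and method names, the in-memory store and the 15-minute idle timeout are assumptions, since the page only says "a certain time".

```python
import secrets
import time

IDLE_TIMEOUT_SECONDS = 15 * 60  # assumed value; the page does not state one


class SessionStore:
    """In-memory store: one live session per user, expiring on inactivity."""

    def __init__(self, idle_timeout=IDLE_TIMEOUT_SECONDS, clock=time.monotonic):
        self._idle_timeout = idle_timeout
        self._clock = clock
        self._by_user = {}  # user_id -> (token, time of last activity)

    def login(self, user_id):
        """Issue a new token; any earlier session for this user is replaced."""
        token = secrets.token_urlsafe(32)
        self._by_user[user_id] = (token, self._clock())
        return token

    def validate(self, user_id, token):
        """Accept only the user's live, unexpired token and refresh its idle timer."""
        entry = self._by_user.get(user_id)
        if entry is None:
            return False
        live_token, last_seen = entry
        # Constant-time comparison; a superseded or forged token fails here.
        if not secrets.compare_digest(live_token.encode(), token.encode()):
            return False
        if self._clock() - last_seen > self._idle_timeout:
            del self._by_user[user_id]  # idle too long: drop the session
            return False
        self._by_user[user_id] = (live_token, self._clock())
        return True

    def logout(self, user_id):
        """End the user's session, if any."""
        self._by_user.pop(user_id, None)
```

Keying the store by user rather than by token is what makes the single-session rule hold: a second login overwrites the first token, so the older browser window is rejected on its next request.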
Where is the cloud server and who manages it?
TYS is hosted and maintained on IBM Cloud. All servers are currently in two IBM Data Centers – one in the U.S. and one in Europe – and are managed and operated by IBM. As such, they adhere to IBM physical policy guidelines and are protected against attacks, accidents and natural disasters. These security measures follow the NIST 800-53 PE security and privacy control framework as well as ISO 27001 A11 requirements.
What firewalls do you have in place to protect your network?
TYS is integrating a primary web-app firewall in front of the node application HTTPS ports, and all public internet traffic will terminate at it. It will only allow HTTPS traffic to the TYS web server. There is also an IBM firewall internal to IBM Cloud IaaS, which uses three interfaces to protect TYS elements in the cloud.
More details, including a network diagram, available upon request.
What system hardening measures have been implemented for TYS?
TYS implements system hardening for the application and IBM Cloud implements it for the platform. TYS has applied the following key measures to improve hardening:
• User logins are configured to use MFA or SSO.
• Users need valid credentials to access the platform. The system will reject and keep a record of all invalid logins.
• User passwords must follow set rules.
• A web-app firewall will limit access to the environment and enforce several rules including DDoS parameters.
• TYS components run inside monitored Kubernetes clusters.
• All blockchain node cluster IP addresses are whitelisted.
• Integrated SIEM tools provide intrusion detection and alerting.
• Antivirus software is in place on developer machines and for PDF document uploads.
• Blockchain nodes back each other up in the event of a failure of a single node, zone, or region, and IBM backs up off-chain data every 24 hours and retains the backups for 30 days.
• All keys are stored in a separate instance of the off-chain database, encrypted at rest, and integrated with a key management service.
• Code deployed on the system is subject to code reviews and static code scanning tools. Dynamic code scanning occurs through internal and external service provider penetration tests.
What anti-malware protections are in place?
An antivirus engine (ClamAV) scans PDF documents prior to upload to TYS, and the engineering team is in the process of installing antivirus software for the application as a whole.
Do you have a Business Continuity Plan in place?
Yes: TYS has a complete Business Continuity Plan and regularly updates it. TYS has documented its overall BCP process and trained TYS support and operations personnel on it. TYS will conduct annual BCP drills, including DAST and SAST application security testing, and remediate any vulnerabilities found during them.
Do you have documented security incident response plans?
Yes: TYS has approved a Security Incident Management Plan, which is in place and will undergo revisions as future requirements are defined. It follows ISO/IEC Standard 27035 security incident guidance, which includes a recommended five-step process of preparing for incidents, monitoring and reporting incidents, assessing and working out how to mitigate incidents, responding by resolving incidents, and documenting lessons learned. Any user of the TYS network can report an observed incident, and incidents are logged in a tracking tool and classified with a severity level, with SLAs based on the severity level.
Do you have Security Incident and Event Management (SIEM) tools in place?
TYS is in the process of configuring SIEM tools that perform several functions, including monitoring network traffic to and from the Kubernetes clusters, identifying attacks and potentially compromised assets, and looking at activity logs for unauthorized or suspicious user or application access and changes to IBM Cloud resources.
More details available upon request.
In the event of an incident, how quickly can you restore system availability?
The TYS network is in the process of setting up and migrating to the IBP 2.0 high availability blockchain configuration. The blockchain ledger is identical on all nodes by default, so any node that fails can automatically sync up with other nodes upon recovery and update its ledger. TYS is distributing nodes across multiple zones and regions to allow for redundancy if a zone or region goes down. Otherwise, the TYS team will attempt to resolve a critical severity 1 incident within 24 hours.
TYS tests backup/restore processes and redundancy annually.
What security awareness training do TYS employees receive?
All TYS employees must complete a mandatory, custom security training program consisting of 23 modules on topics from malware to GDPR to general security awareness.
The full list of modules is available upon request.