What is a blockchain? Building trust in bitcoin

Financial processes are dependent upon mutual trust between all parties involved. The reason why individuals lend money from a bank rather than, say, the wealthiest person in their town, is because they offer a greater level of security. However, using banks as the facilitator for all monetary transactions is not always practical and in any case, the 2008 financial crisis has damaged the trust upon which banking depends.

In this climate, bitcoin and similar cryptocurrencies have emerged, but they too are faced with the difficult task of creating a mutual feeling of trust amongst users. When you factor in that banks have been engrained within society for centuries while bitcoin is just a few years old, this challenge becomes all the more daunting.

 Blockchains contain records of all the transactions that have ever taken place using bitcoin

The means through which bitcoin and similar cryptocurrencies create trust is through a network-based ledger known as a blockchain. Much like traditional ledgers used by banks all over the world, blockchains contain records of all the transactions that have ever taken place using the bitcoin currency. Unlike bank ledgers, however, blockchains are handled by a network of autonomous computers, not under the control or influence of any single individual or institution. Not even the operators of the blockchain’s various connection points, or nodes, can tamper with this inviolable ledger.

Bitcoin’s blockchain ledger is maintained by this network of nodes, essentially a network of computer owners that have downloaded a set of software tools that enable their devices to interact with other members of the network. The idea behind this is that each node checks the viability of every single blockchain transaction, ensuring bitcoins are not double-spent and only legitimising transactions once they have been checked against the existing ledger. To incentivise the community to legitimise transactions, bitcoin “miners” are rewarded for dedicating computer resources to this process in the form of new bitcoins. Thus, the blockchain is self-regulating as it is in the interests of all members of the network to reinforce the legitimacy of the currency. Without this level of trust, bitcoin becomes worthless.

Top 5 IT Predictions for Finance Sectors

Perhaps more powerful is the emphasis on transparency lying at the heart of the blockchain. All records are public, anyone is free to view a history of all the recorded bitcoin transactions. When combined with the decentralised nature of bitcoin, this offers a level of transparency that stands in stark contrast to the impenetrability of large scale financial institutions. However, as many media outlets have been at pains to point out, bitcoin’s transparency only goes so far, which has both advantages and disadvantages.

Anyone viewing the blockchain will not be greeted with a list of names, IP addresses, or even recognisable purchases. Instead, each transaction will be accompanied by a string of letters and numbers ranging between 26 and 34 characters. Each address is connected to an owner and he or she is free to share this address in order that money can be paid into it, for example, but outside of this there is no easy way of making a personal connection to a blockchain address. This level of anonymity has, of course, led many to associate bitcoin with illegal actions, as the facilitator to a slew of shady transactions taking place on dark web black markets.

This level of anonymity has led many to associate bitcoin with illegal actions

However, with enough legal backing and some investigative know-how law enforcement agencies have broken through bitcoin’s veil of anonymity. The FBI’s seizure of more than $3 million worth of bitcoins when it brought down the online marketplace Silk Road likely relied on bitcoin’s traceability. Unlike cash payments, digital currencies such as bitcoin always lead somewhere and although the exact details surrounding the Silk Road case are unknown, the public nature of the bitcoin ledger is more likely to have aided the prosecutors than the criminals.

Conversely, outside of the reaches of subpoenas and other more extreme legal methods, the identity of bitcoin users is largely protected. This brings with it many benefits, particularly for the millions of people all over the world without a bank account.  Similarly, in Saudi Arabia women are not allowed to open a bank account without their husband’s permission, meaning that they do not have full control over their own finances. Bitcoin offers these individuals and many others without financial autonomy the opportunity to conduct transactions on their own terms. In this respect, the anonymity offered by bitcoin is hugely empowering.

Of course, bitcoin has a long way to go before it gains the level of respect and dependability that long-established physical currencies have – in the history of world finance, it may ultimately turn out to be nothing more than a short-lived experiment. But for now, it offers an exciting alternative to the monopoly of global financial institutions: disruptive and empowering, anonymous yet transparent, decentralised but secure.


Compliance: Data Storage in a Regulated World

Why do we need Regulatory Compliance within technology?

There are many industries that are regulated – Financial, Health, Insurance, and Accounting and Tax planning to name a few.  Now, here lies the problem – each regulated industry requires different sets of rules according to its given regulator. A need for a bridge between the technical understanding of the business requirements to regulatory guidelines is very apparent.  If anyone reading this article has read the FCA’s (formerly FSA) handbook and tried to understand what IT governance is required they will know what I mean.

I will list out a couple of examples where compliance for data storage and retrieval differ vastly.

  • Health – Meeting and Minutes details – Must be held for a minimum of 30 years.
  • Insurance – Employers Liability Policies – Must be held for a minimum of 40 years.

Now, these are just two low-level examples of data retention, now add ALL of the other considerations (and there are a lot) into the mix. Data Access, Information Security, Business Continuity, Data Protection laws etc, you will soon see that the role of a CIO/CTO within these regulated firms is a difficult one as well as knowing that these regulations change too.

So, we have hoards of information that we need to store under our governing body, where do we store them? This now creates another problem, who do we trust to store them effectively and for this length of time? Let’s be honest, most technology firms cannot see past a 5-year business plan, let alone 40 years. This as well as the format that the data has been stored on, will we all be naive enough to think that in 20+ years’ time the data we stored initially can even be accessed? When I was working in the banking sector we had so many disparate systems it was crazy and over a 5-year plan we eventually standardised them through one platform. However, we still had the same problem of catering for the eventuality of recalling data from an OS2 Warp operating system from 10 years prior.

Now, consider the financial regulated world. This is a very very complicated topic and again the policies differ massively depending on what type of activities you conduct under the regulator’s adherence.

For example, the length of time records should be kept depends on which type of business the records relate to. For MiFID (Markets in Financial Instruments Directive) business, records must be kept for at least 5 years after an individual has stopped carrying on an activity; for non-MiFID business, it is 3 years after stopping the activity and for a pension transfer specialist the records must be kept indefinitely. This includes Email, File, Databases and in fact any data that has used for said given business. There’s a MiFID II on the horizon (2015) with even more significant changes are looking to be introduced.

Now, do you see the complications on this one topic (data storage) within IT Governance?

For me, conformity needs to stem from understanding. If you do not understand what you need to conform to, how on earth can you? A simple understanding of one ruling of conformity for example 2 years of data storage and not 5 could save you £1000`s and let you sleep at night.  Imagine if you knew the rulings for ALL of your data storage requirements and you have fine-tuned them to your infrastructure, or better still spoken to someone who already understands them.

Conformity needs to stem from understanding. If you do not understand what you need to conform to, how on earth can you?

There is one company who I have spoken to recently whose approach to this challenge warrants particular merit, and they stand by a 100% guaranteed data restoration rate however long you store your data for: Arkivum.

Arkivum’s storage is based on the principle that 3 copies are needed for absolute certainty that data is safe. So using active integrity checking at all times, every one of your files is copied three times, with two copies held online in geographically separated Data Centre’s and the third held offline locked away in an escrow service.

Arkivum’s Data Archiving Storage System

Arkivum’s Data Archiving Storage System


It was very interesting for me to talk to a technology company and discuss compliance; they even have a dedicated compliance officer.

The regulation of IT, especially Cloud, is paramount and right up there with security.

Is this the future for IT companies, that they must have a better understanding of compliance rulings in regulated industries?

With the state of “internet of things” gathering momentum and even your domestic items being able to talk to each other (and maybe even talk about you to each other), let alone the internet – my feelings are that the regulation of IT, especially Cloud, is paramount and right up there with security.  The only issue I have with regulations is that they sometimes stifle creativity and flexibility, but that’s a whole new topic that I am sure we will discuss in the future. What are your thoughts on regulated IT and compliance?



Top 10 Things to Consider Before Moving to the Cloud


The cloud is here to stay and it makes sense to use it. The market is already developing and changes will occur over the next few years that will allow you to have even more choice than today. Microsoft will inevitably offer a complete hosted solution, along with Oracle, VMware and many, many others. We are also seeing disparate systems on disparate platforms (AWS, Google and others) being linked together, managed by complicated orchestration products. The greatest problem with all of these platforms and services is likely to be the support element, so when choosing cloud for your business, make sure you are asking the right questions:

  1. What cloud services do you need?

In order to choose the option that is best suited to your business, it is vital to understand exactly what cloud services you need.
In order to choose the option that is best suited to your business, it is vital to understand exactly what cloud services you need. There are so many on the market, from full infrastructure hosting and application delivery through to managed backup and disaster recovery services. Even if you only want to move one or two of your services to the cloud at the moment, think about whether you may want to extend this in years to come. Choosing a provider that offers them all could give you more flexibility in the long run. One of the features of a cloud solution is its ability to scale up and down to match your size, but you should still ensure that the provider’s capabilities match your plans for growth.

Many cloud companies do not, in fact, have their own infrastructure but resell from others.

  1. Who am I dealing with?

Many cloud companies do not, in fact, have their own infrastructure but resell from others. This need not be a problem – it is common practice for a cloud provider to sell services via a channel of smaller resellers – but you should make sure you know who is actually providing them! It is quite possible that you will receive better support from a smaller value-add reseller, but you need to know whose customer you are, and who is ultimately responsible for the services you are buying.

  1. What about the contract?

Standard hosted contract terms are often 24 – 36 months, with shorter terms generally attracting higher costs. Some cloud providers, however, are now starting to offer a 12 months or less contract or “pay as you grow” option. This can be helpful if the provider is new to you or even new to the marketplace, and will allow you to gauge the type of service you will receive without making a long-term commitment.

  1. The Service Level Agreement

Don’t get tied into a service that just isn’t working for you.
This is very important. Don’t get tied into a service that just isn’t working for you. Check the terms and conditions for material breaches and downtime. Many providers offer compensation but this is likely to be insignificant compared to a loss of service for your business if your entire company’s infrastructure is running remotely. A good provider will give you the option to terminate the service if the SLA is consistently breached but beware there are many providers that will not.

  1. Where is my data?

There are so many reasons why you should know this. If you do not know where your IP (intellectual property) or data is, then how can you get this back if you fall out with your provider? It is YOUR data and YOU need to know where it is. A good provider will give you access to it, no matter what the circumstances, at very short notice. Beware “safe harbour” agreements too. Although they are designed for data protection, they often fail to stand up if challenged. If you are offered one, have it checked thoroughly by a lawyer.

  1. Security

You must ensure that your provider has the appropriate security to safeguard your business.
This is a very important point and it should be right up there with “should I have cloud services for my business?” At the end of the day, your data is accessible from the internet (and we all use it in one form or another). You must ensure that your provider has the appropriate security to safeguard your business. ISO standards are a good base to grade the provider’s competency in this area, but there are many other standards that can also be adhered to. Note that if you are regulated by a governing body such as the FCA (FSA of old) or HIPAA (healthcare), additional security standards are required. Make sure these are not just a tick-in-the-box accreditation – challenge the provider on what they offer.

  1. Internal policies

As well as being good security practices, security policies for your business are essential for cloud services. ‘Password123′ is not good enough!

On average, internet users have 25 password-protected applications they manage, but only six (or less) unique passwords

Staff will use applications to share information, whether you know it or not. On average, internet users have 25 password-protected applications they manage, but only six (or less) unique passwords. Using a cloud password management platform that enables employees with one password to access all their applications (single sign-on) will help to provide a better experience while securing company access and data.

  1. Check for hidden costs

One major problem with all the options available today is to normalise the offerings and get a fair comparison. You can compare features and functions with a bit of research – using comparison tools such as those on Compare the Cloud – however, providers differ not only in functionality but also in costs and billing methods.

Make sure you get to the bottom of the provider’s pricing. For example:

CPU costs: 2 Core (@2.5GHz) with 2GB RAM costs £x.xx /instance/month
Storage costs: Cost of 1 GB usable storage, SAN/NAS based on 10TB base infrastructure = £x.xx/GB/month
Backup costs (£x.xx/GB backed-up)
Network costs: (£x.xx/GB/month transferred in and/or out)

  1. Availability

Consider how your company’s business handles network, system and other failures. Does the cloud infrastructure need to be highly resilient, or can individual parts fail without causing a major service interruption?

A good cloud provider will have a replicated copy of your infrastructure (for their own internal disaster recovery plan). Some providers will charge you for this and some providers will simply not have this and gloss over the discussion with you. A good start would be to discuss where your provider is hosting your service – data centre – and ask about the Tier level. Every data centre can be graded by this tiering (and should be) and the results will be obvious for you to understand when you receive them.

Tier 1 = Non-redundant capacity components (single uplink and servers).

Tier 2 = Tier 1 + Redundant capacity components.

Tier 3 = Tier 1 + Tier 2 + Dual-powered equipment and multiple uplinks.

Tier 4 = Tier 1 + Tier 2 + Tier 3 + all components are fully fault-tolerant including uplinks, storage, chillers, HVAC systems, servers etc. Everything is dual-powered.

A Tier 4 data centre is considered as the most robust and less prone to failures. Naturally, the simplest is a Tier 1 data centre used by small business or shops.

  1. When it all goes wrong

So you now have a cloud service, or multiple services, and it all goes horribly wrong. How do you migrate away from the incumbent failing provider? Make sure that you are not handcuffed to large exit bills and contract penalty clauses. There are some test cases where clients were asked to pay extortionate fees just to keep their cloud services running after the firm went into financial hardship.

If your business is considering a move to the cloud and you need some advice, contact Compare the Cloud’s Cloud Practice Group and we’ll provide you some free advice and details on other ways we may be able to help make your transition a smooth and happy one.



The Technology Landscape in the year 2025

It is easy to predict what is coming up for the next year but thinking further out is always a challenge.  In this blog post, I am going to look at advances made in 2015 that will impact us in 2025.

Quantum Computing


IBM this year announced a breakthrough in Quantum Computing that allows for the detection and measurement of both kinds of quantum errors simultaneously; and the introduction of a square Quantum bit circuit design.

Impact in 2025

Quantum computing when put into full commercial use will allow for the solving of questions that have always eluded mankind. While initially the technology will be seen as malevolent due to the ability to destroy current cryptology (although it solves this issue also) we will see more general use in 2025 akin to how we use devices today.

Brain 2 Brain Comms

Brain to Brain communication has already had a significant breakthrough in 2015 where two brains were linked for a question and answer experiment.

Impact in 2025

Is this the start of the Humanification we blogged about in 2013? How will our children learn in 2025? Will we see today’s education methods dismissed as archaic? Are we looking at the rise of education algorithms that teach according to the subject’s capacity to learn? Brain to Brain communications has the potential to disrupt all learning institutions and methods, all traditional education establishments would have to reevaluate their curriculum Information on a subject or problem-solving capacity would be instantly downloadable into the brain directly. How will this allow for a measure of intelligence? An example I use from 2015 is the question of should a child need to learn maths to an advanced degree when calculators and a plethora of devices already perform this function?

Nuclear Fusion

Nuclear technology is a much maligned and frowned upon the source of energy. An example being the Japan earthquake receiving 10x more attention once the Fukushima reactor was in danger. Nuclear fusion is best described as the harnessing of sources as powerful as the sun. The advancement of this technology could revolutionise how we consume and manufacturer power.

Impact in 2025

The European Unions first reactor of the type is coming online in 2020 five years into this journey will we see alongside the use of Superconductors and miniaturisation of systems a dramatic change in how we power our data centres, homes and industrial units. Is this the first step towards a positive climate change revolution?

The Robot becomes our friend? (Or does it)

It is frankly amazing when you travel or speak with people from different cultures.  An example being the Japanese who have always seen robotics as an aid and friendly advancement. My personal view is the difference in our generation has been the portrayal of Robotics. In Japan we have the friendly looking Honda Asimo, compare Asimo to the mean looking predator drones and destructive terminator robots we view in Western Cultures, with the destructive stereotype burned on our children’s brains by the continued growth of gaming consoles.

Impact in 2025

We already have robotic hoovers, robotic industrial workers and a robotic seal that comforts the elderly in Japan (yes really). As Artificial Intelligence increases we will see the use of more ‘learning’ capability and automation and freedom of robotic ‘services’. Note I said ‘services’, it is my view that repetitive tasks such as domestic cleaning will be ‘service based’ the same way we order a taxi now. By this time drones would have become sufficiently robust and accurate to allow for home deliveries and automation of shopping services.

Artificial Intelligence

Artificial intelligence has made significant leaps and bounds in 2015 mainly fuelled by the cheap abundance of computing resource, miniaturisation of devices delivering more power and soon the introduction of commercial Quantum computing. Big data and analytics have also been significant investment growth opportunities couple with machine learning it means 2015 has left us with the building blocks for advancement in human history like no other time since the industrial revolution and electrification of industries.

Impact in 2025

The military forces of this world will always take technologies and abuse them for nefarious purposes. My view on the malevolent predictions of AI is that we have had nuclear weapons ever since 1946 and these have been improved on drastically since that time, have we seen a nuclear holocaust?

In 2025 what we will see is a destruction of any industry that relies on a repetitive task such as accountancy, or medical AI will be the ‘brains’ behind all our devices all of our choices all of our health services and above all our social views. The issue with such a thing is that we believe everything and trust whatever is ‘on our screens’ as humans we will need to use our intellectual capacity to move beyond ‘acceptance’ to challenging.

The question that I ponder is this, AI and its mechanical cousin robotics to be truly aligned to human capability require the one thing that during this Christmas s time we all possess ‘Humanity’. Humanity, thoughts, feelings and emotions will never be replicated until humans become a ‘hybrid’ with machines.

I believe in 2025 that we will advance legacy technologies from 2015 such as pacemakers, ingestion tablets and other areas but will not be ready until 2035 for the true singularity by this time protections would be put in place.

What will our homes look like in 2025?

The Internet of Things or IoT is already beginning to shape how we interact with devices around us. From devices that measure our heart rate constantly and the steps, we take during our day to sleep devices that measure quality and length of sleep. M2M or machine to machine, sensors that move beyond the current RFID chips to smart low-power devices will allow for computations and measurements in every aspect of our lives. While many of these things are here today by 2025 we would of mastered the computational and algorithmic aspects to create a perfect balance.

Therefore every device we own will be ‘smart’ from the TV we watch to the earpiece we wear. Our interaction will be seamless thought controlled and tuned to our every whim and need by smart algorithms that run our lives.

The biggest cause of waste and loss in any environment is the ‘friction’ between objects. Imagine if the Japanese bullet train was powered in a vacuum on magnetic rails with no friction? Our homes and device could harness this centuries-old magnetic technology to provide effortless moving of devices and heavy objects. Add to this the embryonic advances in graphene and nanotubes and molecular-based engineering, could we have self-forming objects crafted and formed in minutes in front of our eyes.

As we move into 2016, let us all look back at what has been from a technology standpoint, one of growth but still one of unfulfilled promise. Maybe in 2025 I could look back at this article and laugh at its inaccuracies, remember though when cinema was first displayed people ran out of the theatre thinking the train was going to hit them.

Predicting the future is not easy, but then neither is looking at the past. My final quote is from British Scientist James Lovelock, an unsung national treasure.

“For each of our actions, there are only consequences.”

And last but not least a big thank you to those that inspire me, the team at Compare the Cloud, Simon Porter, Ian Jeffs, Andy Johnson, Rob Davies, Matt Lovell, Doug Clark, Omer Wilson, Michael Andrew-Foote, Gordon Davey, David Fearne and Alan Baxter a Secondary School teacher who forced a loud unruly dyslexic child to make circuit gateways during numerous detentions (you’re my hero).



The Miniaturisation of IT and Data Centres

Today we all hear about the consumerisation of IT, but the one subject most vendors and data centres do not wish to face is what I define as the miniaturisation of IT.

I am a proud iPhone 6s + owner (and an Apple watch, iPad Pro, MacBook Air, iPad Mini 4 all of these in Gold), when I hold my iPhone up I wonder how…

The ‘how’ I wonder is how does this one small device have more processing power than all the Allied and Axis powers combined during World War II. It is amazing when you look at the original Turing bombes or the later colossus machine and wonder how far forward the human race has come.

But as with any device, it is subject to reform, refinement, resizing or adapting to a new format altogether. An example of this is the number of functions my iPhone performs that required other devices previously;

  • Email – this required a desktop or laptop
  • Music – this required a C90 cassette or record player
  • Music store – I have iTunes which is digital delivery of services rather than the traditional vinyl record or cassette
  • iBook’s – I read my books based on a digital download rather than traditional book manufacturer or consumption

The above are just a few examples where functions and form are realised into a more compact function.

Let’s do a bit of future gazing, one of my personal hobbies looking at current devices and services and predicting future form and function:

Data centres / Servers / Storage

Future Form: Do we need such huge properties and devices guzzling power, spinning up out of date components. My view is the power of the large providers such as Microsoft Azure, IBM SoftLayer, Amazon AWS will all fit onto a single form factor of today’s single server within 20 years. As I predicted many years ago on this blog, we are beginning to see the fusion of biomechanics with computing. As Quantum computing and synthetic DNA storage become mainstream today’s devices will become more and more obsolete. I hear with interest many networking and storage companies moving towards being ‘software only’ companies we will see more of these announcements in the next few years.

Hybrid, Hybrid, Hybrid, before we see what I term as ‘the great leap’ towards cloud-based technologies, we will first see a gradual migration, using hybrid technologies which resemble current architectures. These Hybrid technologies such as those used within the car industry will allow familiarisation with future enhancements whilst retaining the current look and feel of IT hardware. The hybrid transition will move into the laggard space by 2018.

Future Function: Those that invest in data centres should now move onto another website here’s a great link In my view data centres that do not modernise and open up their doors, embracing local and national communities will die. Like the much-maligned 1960’s tower blocks being pulled down around the UK, the data centres that do not offer more than technical real estate will be akin to lemmings walking towards a cliff. The function of the future data centre will be in my view very different today and based upon biotech and be more technical hubs for those that need premises.

My view is that within 10 years most mega-cloud providers would have built their own data centres so they control the full stack, whilst regional data centres will lose 80% of capacity, which will need to be replaced by other revenue streams. Servers/storage and other hardware functions will be software controlled and take 99% less footprint that today’s technical architectures. My final thoughts modernise now or you will be extinct like a dodo.

Laptops and mobile devices

Future Form: We could make this as small as an atom if needs be, the issue is whether the artificial intelligence community can allow for the form to be made into a chip. The reason I say this, voice dictation and thought control will be essential to miniaturise these devices. The keyboard layout is crucial to many familiar with creating spread-sheets and word processing functions. My prediction: the laptop and mobile will be chip sized with embedded virtual reality functions that will pop out a virtual keyboard for those who wish to type using QWERTY.

Future Function: IoT, M2M and any other acronym I can throw out there will be controlled consumed and executed by a biochip. We are already starting to see home automation and personal health embedded via apps onto these devices. My view is long term everything from our passports to movies will be embedded onto every human as a biochip with artificial intelligence functions interacting with our thoughts.