The COVID-19 crisis has drastically impacted workflows for nearly every business across the world, and our industry is no exception. For many institutions working with digital assets, the movement to remote work has been a significant (and difficult) change.
Whether you work for a hedge fund, OTC desk, exchange, bank, or other financial institution, you’re probably currently remote.
This might mean that you’re now missing many of the security and operational controls you’re used to having in an office environment. At the same time, we’re seeing an increase in cyberattacks, insider fraud, and human error at firms that are undergoing changes to their work environment.
Many of our customers have offices in cities around the world to keep up with the fast-paced, highly globalized market. Fireblocks is designed to securely support distributed teams and is uniquely suited to help your team transition to a remote work setup.
In this guide, we’ll show you how to move your operations team to a fully remote setup with Fireblocks – without jeopardizing security, efficiency or compliance.
1. Create an MPC-based wallet
If your organization is moving to a remote configuration, being tied to hardware can be a burden (especially if you usually store private keys on a hardware device in a secure location in an office).
MPC is a great wallet solution because it offers immediate access to digital assets while retaining the highest level of security.
The fundamental capabilities of MPC eliminate the single point of compromise of the private key, rendering it into a “liquid” form where each user has their own private share. At the same time, MPC’s distributed nature allows team members to require multiple authorizers for a transaction and sign transactions without being in the same location.
With Fireblocks, your assets are stored in an insured, MPC-based wallet and accessible at all times (which is especially important during a period of market volatility). This allows your team to move those assets 24/7 across exchanges, OTCs, and counterparties.
Regardless of your current storage configuration, you can bring all your wallets – cold storage, hardware wallet, custodian, or external wallet – into one platform.
2. Set up asset transfer policies and remote governance
Your team may currently rely on having everybody in the same office to facilitate governance.
For example, if a trader wanted to transfer assets from exchange A to B, that trader could just ask the operations or finance manager (or whoever is responsible for treasury across the office) to do it for them.
As your team reconfigures in a distributed setup, you’ll need to define new policies and implement a way to enforce them remotely. You’ll also want to find a way to automatically approve transaction requests.
With Fireblocks, you can replace manual policies and governances with a flexible policy engine. You can define your own policies and set rules for the transfer of assets, including:
- Who is allowed to send assets
- Where they’re allowed to send those assets
- Which accounts and wallets they’re allowed to send to and from
- How much and how frequently they’re allowed to send assets
- Who needs to approve the transaction
These rules and policies can be applied to transfers (for wallet and exchange withdrawals), as well as counterparty whitelisting.
Once you’ve defined your new asset transfer policies, Fireblocks automates the governance process by requesting approvals from the necessary parties via iPhone or Android.
3. Validate deposit addresses automatically (or eliminate them completely)
Recently, there’s been a marked increase in cyberattacks and spoofing on employees who are working from home. Cybercriminals will take advantage of any weakness in a system, and for teams that are working remote for the first time, new security weaknesses will inevitably arise.
Cyberattacks and internal fraud due to compromised deposit addresses have always been a problem for the digital asset industry. If a hacker or malicious internal actor is able to replace the intended deposit address in a transaction with their own (through spoofing or other means), irreversible asset losses can occur.
As you move remote, you’ll want to account for the increased likelihood of deposit address fraud and do what you can to cut out the possibility of external and internal attacks, as well as human error.
Fireblocks automatically authenticates deposit addresses, so you don’t have to worry about sending assets to the wrong counterparty (or to an address that doesn’t exist). When sending assets between exchanges or Fireblocks Network members you don’t even need a deposit address! We currently support 25+ exchanges and 180+ tokens.
At the same time, trading assets with other Fireblocks users on the Network is as easy as selecting their name from the list of Network members – no manual whitelisting or test transfers necessary.
If you’re using the Fireblocks Network, the platform simultaneously rotates deposit addresses to ensure anonymity while allowing you to track what assets you’ve been sending to counterparties – without revealing anything on the blockchain.
4. Distribute exchange and wallet whitelisting
It’s best to have multiple parties approve the whitelisting of a counterparty wallet or exchange. This means it’s necessary to have everyone in the same office to add a new trading venue or counterparty into your ecosystem.
As you move to a distributed setup, you’ll need to establish a remote method of whitelisting that is compliant with the “4-eyes policy.”
With Fireblocks, you can distribute whitelisting responsibilities to a quorum made up of any administrative employees who have a smartphone. You don’t need someone to stand behind your shoulder and physically approve what you’re doing on the screen to ensure that your whitelisting process is error-free.
5. Don’t compromise on security
It can be hard to maintain the same level of security and compliance when there are so many unknowns in a newly distributed operations team.
To ensure we provide our users the maximum level of security and peace of mind, we regularly enlist third-party evaluations of our ecosystem.
Fireblocks is an enterprise-ready platform with pen-tested security, SOC II Type 2 compliance, and A.M. Best A-rated insurance. We protect our users’ private keys, deposit addresses, and API keys through a patent-pending combination of MPC (multi-party computation) and Intel SGX (chip-level hardware isolation).
Conclusion
In today’s climate, the digital asset market has reached an extremely volatile state.
Fireblocks can help you stay up to speed with the constantly changing crypto ecosystem while ensuring the security of your digital assets – no matter where your team is currently located.