2. Maintain an asset inventory of all IoT assets

Maintain an asset inventory of all IoT assets, including IT assets required to maintain IoT operations. Categorize them by safety, criticality, ability to patch, and other actionable criteria.

A critical aspect of a good security program is having visibility into your system. It’s also important that you create visibility with actionable outcomes in mind, so you can automate operations and maintenance of these devices after deployment.

Create and maintain an asset inventory for all IoT assets along with their major characteristics that you may want to action upon. This includes things such as deployed certificates and software or hardware versions.
Segment devices into categories or apply appropriate tags to be able to manage them programmatically. Focus on actionable data such criticality of the devices, location, whether the device can or should be updated, or important contact and owner information.

Supporting AWS resources

AWS provides the following services to help you create and maintain a connected asset inventory:

AWS IoT Device Management – For devices connected to AWS IoT.
AWS Systems Manager – For cloud and on-premises computers.
Security Pillar of AWS Well-Architected and IoT Lens

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Formal security risk assessment

Provision IoT devices and systems with unique identities and credentials