1. Conduct a formal security risk assessment using a common framework - Securing Internet of Things (IoT) with AWS

1. Conduct a formal security risk assessment using a common framework

Conduct a formal security risk assessment using a common framework (such as MITRE ATT&CK). Use this to inform system design.

Whether you’re deploying consumer devices, industrial workloads, or operational technologies, it is important to first evaluate the risks and threats associated with your deployment. For example, one common threat to IoT devices listed in the MITRE ATT&CK framework is Network Denial of Service (T1498). A denial-of-service (DoS) attack against an IoT device can be defined as preventing status or command-and-control communication between an IoT device and its controllers. In the case of a consumer IoT device, such as a smart bulb, losing the ability to report status or receive updates from a central control point could create problems, but would likely not have dramatic consequences. However, in an OT system managing a water treatment facility, losing the ability to receive commands to open or shut key valves could have a much larger impact on people and the environment. So, it’s important to look at the impact of various common threats, how they apply to different IoT use cases, and ways to mitigate them. Key steps include:

  • Identify, manage, and track gaps and vulnerabilities. Create and maintain an up-to-date threat model that can be monitored against.

  • Segment systems based on their risk assessment. Some IoT and IT systems may share the same risks, so use a predefined zoning model with appropriate controls between them.

  • Follow a microsegmentation approach to isolate the impact of an event.

  • Use appropriate security mechanisms to control information flow between network segments.

  • Regularly identify and review security event minimization opportunities as your IoT system evolves.

Supporting AWS resources

When building your environment inside of AWS, foundational services such as Amazon Virtual Private Cloud (VPC), VPC security groups (SGs), and network access control lists (network ACLs) should be used to implement the microsegmentation. AWS recommends using multiple accounts, which helps to isolate IoT applications, data, and business processes across your environment, and using AWS Organizations for better manageability and centralized insight. Additional information can be found in the Security Pillar of the AWS Well-Architected Framework and the Organizing Your AWS Environment Using Multiple Accounts whitepaper.
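As an added illustration of the zoning and information-flow controls described above (not a template from the whitepaper), the following CloudFormation fragment places an ingestion tier and an OT-control tier in separate security groups and permits exactly one flow between them; the VPC id, the device address range 10.50.0.0/16 and the internal API port 5000 are assumed values.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Constructed example - two security groups zoning an IoT VPC with one permitted cross-segment flow
Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id
Resources:
  # Segment 1: ingestion tier. Accepts MQTT over TLS (8883) from the device range only.
  IngestSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: IoT ingestion segment
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 8883
          ToPort: 8883
          CidrIp: 10.50.0.0/16        # assumed address range of the device network
      # Placeholder rule: specifying any egress rule removes the default allow-all
      # egress rule; the real egress is attached below to avoid a circular reference.
      SecurityGroupEgress:
        - IpProtocol: "-1"
          CidrIp: 127.0.0.1/32
  # Segment 2: OT control tier. No CIDR-based ingress at all; anything reaching it
  # must originate from a named security group, so a compromised device cannot address it.
  ControlSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: OT control segment
      VpcId: !Ref VpcId
  # The single permitted cross-segment flow: ingestion -> control on TCP 5000 (assumed
  # internal API port). Referencing the source by group id rather than by IP keeps the
  # rule valid when instances are replaced or re-addressed.
  IngestToControl:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !Ref ControlSG
      IpProtocol: tcp
      FromPort: 5000
      ToPort: 5000
      SourceSecurityGroupId: !Ref IngestSG
  # Narrow the ingestion tier's egress to the control segment on that same port, so a
  # foothold in the ingestion tier cannot open connections to other segments.
  IngestEgress:
    Type: AWS::EC2::SecurityGroupEgress
    Properties:
      GroupId: !Ref IngestSG
      IpProtocol: tcp
      FromPort: 5000
      ToPort: 5000
      DestinationSecurityGroupId: !Ref ControlSG
```

Security groups are stateful and evaluate allow rules only, so a network ACL on the control subnet is the place to add an explicit deny as a second, stateless layer between zones.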