In 2017 I contributed to the design concepts for Compliance Reporting for Risk and Security Management in the Watson IoT Platform.
What is Risk Management?
Businesses with IoT deployments have the challenge of ensuring that the entire IoT landscape operates within acceptable and expected boundaries. The consequences of IoT devices operating outside of defined criteria, or policies, could have a major impact on the security of the overall IoT deployment, the safe operation of connected devices and business impact.
What is a Risk and Security Risk Management Policy?
The Watson IoT Platform allows the configuration of specific policies in relation to connection security.
Compliance reporting provides dashboard cards and drill-in reports on the policies configured in a Watson IoT Platform organisation.
Risk and Security Management is primarily targeting two of the IoT personas
- Sally is an IoT System Operator. She handles the day to day system operations on the LOB and client IoT organization. She makes sure that new device types and devices are registered, are behaving, and are up to date with recent secure firmware. She defines policies, creates and runs actions on policy alerts that acts on misbehaving devices.
- Adam is an IoT Security Operator. He ensures security and compliance by specifying policies that detect abnormalities and prevents devices to be compromised. He reports to audits on compliance to regulations and policy coverage on devices.
Sally, the systems operator can from a single view get an overview of policies to understand the organization’s security posture and identity potential risks in under 5 minutes; then be able to drill into the current state and history of devices to investigate root-cause.
As a systems operator, I need to:
- See the high-level security status of the devices so I can quickly identity potential risks.
- Drill down from a general view to more specific reports to identify problems
- Drill into the current state and history of devices to analyze root-cause
- Download, filter, and sort the report
View Policy Compliance from Dashboard
The Watson IoT Platform Risk and Security dashboard provides an instant overview on current security position and provide drill-in to find more compliance-related information.
- The dashboard has a collection of cards that can be used to monitor security-related KPIs.
- Sally sees that Connection Security policy has the most violation. She drilldown to find out more information. She clicks on Connection Security
- The compliance report shows an overall compliance with the Connection Security policy, and the current compliance for each rule. Sally clicks on a custom rule defined for TemperatureSensor device type to drilldown to see all the devices that fail the default policy.
- The next report presents a list of devices that fail the rule and the causes of failure.
View Policy Compliance from Policies Page
The Policies page in the Security section of the Watson IoT Platform provides an overview of Risk And Security Management policies.
- Access the compliance report by clicking “View Compliance” button.
- The compliance report shows an overall compliance with the policy and the current compliance for each rule
- The next level of drilldown shows all the non-compliant devices that violated the rule. Search/filter/download the report.