Building a Personal Safety Platform with AWS IoT

Challenge

Wearsafe’s platform had to meet strict security requirements and over 99.99% reliability to meet wireless carrier market performance standards.

Solution

ClearScale designed, architected, and built a new AWS environment with various features, including AWS WAF, Key Management Service, Elastic Beanstalk, and CloudWatch.

Benefits

Wearsafe’s personal safety platform is highly available, secure, and scalable, which is essential in today’s increasingly mobile market.

AWS Services

AWS Organizations, AWS Identity and Access Management (IAM), AWS Directory Service, AWS Key Management Service, Amazon Inspector, AWS WAF, AWS Elastic Beanstalk, Amazon CloudWatch, AWS S3, AWS Lambda, Amazon Simple Notification Service

Executive Summary

Wearsafe, the world's leading personal security IoT platform, makes it easy for anyone to get help instantly, offering people the ability to be safe anywhere at any time.

Through a smartwatch, a Wearsafe Tag, or another IoT device, wearers can press a modern-day, mobile panic button. The Wearsafe platform sends an alert to trusted friends, family, or co-workers using audio, location, and group chat to provide all the information they need to quickly coordinate help.

Enterprise and consumer wireless carriers and hardware manufacturers can also integrate the Wearsafe Security Platform into new or existing mobile Internet of Things (IoT) devices — and improve personal safety for more people in more ways.

"Working with ClearScale proved to be very simple and seamless. They worked as an extension of our technology team and brought very detailed knowledge and expertise into the mix. ClearScale delivered best-of-breed infrastructure. Now we have a highly secure and scalable solution that meets our needs, and is easy to maintain. With ClearScale we have a great partner that can flex to meet our project and operational needs as we grow."
Phill Giancarlo
Chief Technology Officer, Wearsafe

The Challenge

In order to meet the demands of the wireless carrier markets, Wearsafe’s platform had to meet very specific — and strict — security requirements. High availability (over 99.99%) was also required, to serve people who could be in life-or-death situations.

For the same reason, Wearsafe also needed to reduce downtime during deployments. Deploying an IoT platform that didn’t typically have critical use cases like these was challenging.

Since the infrastructure wasn’t shared, each provider would have their own deployment and automation tools that were extremely important. And with an exploding personal safety devices market, Wearsafe’s end-product could potentially have many clients. Scalability of the solution was mandatory.

Wearsafe decided to deploy its new IoT platform on Amazon Web Services (AWS), since it determined that the company had the best services and integrations. Wearsafe’s team needed to focus on rearchitecting their software and needed a partner who could work in lockstep with them to rearchitect the infrastructure.

The ClearScale Solution

Wearsafe hired ClearScale, the experts in cloud solutions and AWS, to help design, architect, and build a new AWS environment from the ground up.

To meet Wearsafe’s extremely strict security requirements, the ClearScale team leveraged AWS, third-party tools, and DevOps techniques, and implemented:

  • Access controls for service and privileged accounts in accordance with least-privileged approach
  • Data encryption at rest and in transit
  • Anti-malware and vulnerability management
  • Network intrusion detection system (NIDS) and host-based intrusion detection system (HIDS)
  • Blue/Green deployment
  • Centralized logging, auditing, and backups
  • Disaster recovery in another region

Architecture Diagram

Architecture Diagram

Logical Diagram

Logical Diagram

ClearScale used AWS Organizations, AWS IAM, and AWS Directory Service to better adhere to the security principle of least privilege.

AWS Key Management Service, which is integrated with most AWS services, was used to create and control the encryption keys used to encrypt data.

The ClearScale team relied on AWS Inspector to assess applications deployed on AWS for vulnerabilities or deviations from best practices, improving security and compliance.

AWS Web Application Firewall (WAF) protected Wearsafe’s web applications from common web exploits, providing control over which traffic to allow or block to web applications by defining customizable web security rules. The ClearScale team also deployed OSSEC to help Wearsafe meet specific compliance requirements such as SOC. AWS CloudTrail was used to record AWS API calls.

Traffic Flow Through WAF

Traffic Flow Through WAF

AWS Elastic Beanstalk was used for deploying (Blue/Green technique) and scaling web applications and services. AWS Systems Manager Parameter Store provided secure, hierarchical storage for configuration data management. AWS Systems Manager Patch Manager was used to monitor patching to verify compliance.

AWS CloudWatch monitoring service collected and tracked metrics. An ELK stack (Elasticsearch search and analytics engine, Logstash data processing pipeline, and Kibana data visualization tool) makes collecting, searching, and analyzing log files easier.

For backup, RDS Automated Backup was used. This feature creates a storage volume snapshot of a database instance, backing up the entire database instance, not just individual databases. It will enable Wearsafe to recover their database to any point in time during the backup retention period, up to the last five minutes of database usage.

AWS S3 provided durable and scalable storage, and S3 Cross-Region Replication was used to store backups in multiple AWS Regions. In addition, the team leveraged AWS features and services, such as CloudWatch Events, Lambda, and SNS, for an architectural approach on how to recover from a disaster in different AWS Regions and AWS Accounts.

Database DR in another AWS Region and AWS Account

Database DR in Another AWS Region

IoT DR in another AWS region and AWS Account

IoT DR in Another AWS region

The Benefits

ClearScale deployed a secure, highly available, and scalable IoT solution for personal safety on AWS. This solution fully complied with Wearsafe’s strict requirements, and will support a fast-growing, complex environment. Because Wearsafe took full advantage of ClearScale’s help and expertise, they were able to save valuable time and get their solution out quickly.

Wearsafe’s personal safety platform is a perfect fit for today's mobile lifestyle. The service can be used with a variety of cellular and non-cellular IoT devices that act as intelligent two way communications agents as well as panic buttons. These security solutions address the broad safety needs of families with children, runners, bikers, mobile workers, travelers, people with health conditions, and mature adults, as well as enterprise customers.

It was appropriate that Wearsafe relied on ClearScale to provide a secure and reliable solution that empowered people to stay connected, informed, and get help from anywhere. It’s as simple as pressing a button.