Amazon Web Services has introduced Amazon Macie, a new security service that uses machine learning to help customers prevent data loss by automatically discovering, classifying, and protecting sensitive data in AWS. Amazon Macie recognizes sensitive data such as personally identifiable information (PII) or intellectual property, and provides customers with dashboards and alerts that give visibility into how this data is being accessed or moved. The fully managed service continuously monitors data access activity for anomalies, and generates detailed alerts when it detects risk of unauthorized access or inadvertent data leaks. Today, Amazon Macie is available to protect data stored in Amazon Simple Storage Service (Amazon S3), with support for additional AWS data stores coming later this year. Customers can enable Amazon Macie from the AWS Management Console, and pay only for the GBs of Amazon S3 content classified and the AWS CloudTrail events analyzed, with no upfront costs or software purchases required. To get started with Amazon Macie, visit: https://aws.amazon.com/macie.
As organizations continue to generate growing volumes of data, it has become increasingly difficult, expensive, and time consuming for security teams to find and protect sensitive information scattered throughout the enterprise. Existing security tools designed to address this challenge generally require customers to develop and frequently update complex data classifications, which can only account for known risks and often generate many extraneous or inaccurate alerts. Amazon Macie automates these labor-intensive processes, using machine learning to better understand where an organization’s sensitive information is located and how it’s typically accessed, including user authentication, locations, and times of access. After a baseline is established, Amazon Macie actively monitors for anomalies that indicate risks and/or suspicious behavior, such as large quantities of source code being downloaded, credentials being stored in an unsecure manner, or sensitive data that a customer has accidentally made externally accessible. The Amazon Macie console puts the most important information front and center with highly accurate alerts and detailed recommendations for how to resolve issues. Amazon Macie also gives customers the ability to easily define and customize automated remediation actions, such as resetting access control lists or triggering password reset policies.
“When a customer has a significant amount of content stored in Amazon S3, identifying and classifying all of the potentially sensitive data can feel a bit like finding needles in a very large haystack — especially with monitoring tools that aren’t smart enough to effectively automate what is now a very manual process,” said Stephen Schmidt, Chief Information Security Officer, Amazon Web Services. “Amazon Macie approaches information security in a more intelligent way. By using machine learning to understand the content and user behavior of each organization, Amazon Macie can cut through huge volumes of data with better visibility and more accurate alerts, allowing customers to focus on securing their sensitive information instead of wasting time trying to find it.”