This week, Amazon Web Services introduced Macie, a fully managed security service for S3 that uses machine-learning algorithms to automatically identify and protect sensitive data against data leaks and unauthorized access.
Macie uses machine-learning algorithms for natural language processing (NLP) to detect common sources of personally identifying information or intellectual property with high business value such as source code, credentials, and API key formats. Predictive analytics are then used to automatically classify the information and analyze normal access patterns for it. Abnormal behaviors, such as sudden increases in high-risk API activity, are flagged as suspicious and automatically generate alerts.
Macie draws on AWS CloudTrail, a service that assists with compliance, auditing, and governance of AWS accounts, checking CloudTrail events for PUT requests and classifying them almost instantaneously. In doing so, Macie gives AWS customers a tool not only to protect data, but also to ensure that the data adheres to certain privacy standards, such as HIPAA or the EU’s upcoming General Data Protection Regulation (GDPR). With Macie, AWS customers who need to adhere to tight restrictions on personally identifying information, such as those stipulated in the GDPR, can easily anonymize data and create logs for auditing purposes.
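The flow described above, sketched as an added example (not AWS's code, and not how Macie classifies internally): it selects S3 PutObject records from a CloudTrail log and classifies the written objects, with two regular expressions standing in for Macie's machine-learning classifiers. The log records, object bodies, bucket name and user ARN are constructed sample data.

```python
import json
import re

# Constructed CloudTrail S3 data-event records (sample data, not real activity).
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2017-08-16T10:00:01Z", "eventSource": "s3.amazonaws.com",
     "eventName": "PutObject",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example-dev"},
     "requestParameters": {"bucketName": "example-bucket", "key": "deploy/config.env"}},
    {"eventTime": "2017-08-16T10:00:05Z", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example-dev"},
     "requestParameters": {"bucketName": "example-bucket", "key": "docs/notes.txt"}},
    {"eventTime": "2017-08-16T10:00:09Z", "eventSource": "s3.amazonaws.com",
     "eventName": "PutObject",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example-dev"},
     "requestParameters": {"bucketName": "example-bucket", "key": "docs/notes.txt"}},
]})

# Constructed object bodies, standing in for fetching each object from S3.
SAMPLE_OBJECTS = {
    ("example-bucket", "deploy/config.env"): "AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n",
    ("example-bucket", "docs/notes.txt"): "meeting notes, nothing sensitive\n",
}

# Assumption: simple format rules used in place of Macie's ML classification.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "private_key": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}

def put_events(log_text):
    """Yield (time, principal, bucket, key) for each S3 PutObject record."""
    for rec in json.loads(log_text).get("Records", []):
        if rec.get("eventSource") == "s3.amazonaws.com" and rec.get("eventName") == "PutObject":
            params = rec.get("requestParameters") or {}
            who = (rec.get("userIdentity") or {}).get("arn")
            yield rec.get("eventTime"), who, params.get("bucketName"), params.get("key")

def findings(log_text, objects):
    """Classify every object written by a PutObject event; return the flagged ones."""
    out = []
    for when, who, bucket, key in put_events(log_text):
        body = objects.get((bucket, key), "")
        labels = sorted(name for name, rx in PATTERNS.items() if rx.search(body))
        if labels:
            out.append({"time": when, "principal": who, "bucket": bucket,
                        "key": key, "labels": labels})
    return out

if __name__ == "__main__":
    print(json.dumps(findings(SAMPLE_LOG, SAMPLE_OBJECTS), indent=2))
```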
For data research and reporting, Macie provides administrative configuration for reporting and alerts from 20 different supported alert categories. Alerts are automatically generated for detected risks, such as anomalies in data access or data and account credentials that have left protected zones, as well as changes to security policies and access controls and early indicators of attacks such as lateral movement or persistent mechanisms. Additionally, Macie provides a dashboard where users can view a variety of metrics on the activities that are being monitored and classified.
Macie is now available to AWS customers and supported in the US East and West regions, with customers such as Edmunds, Autodesk, and Netflix. Although it currently supports only S3 services, Amazon has plans to expand machine learning security to include other Amazon storage services later this year.