Macie is a recently launched security service from Amazon for its AWS customers. It works by identifying and classifying sensitive data such as personal information or intellectual property, continuously monitoring that data for anomalies and giving customers detailed alerts and dashboard readouts related to the access or movement of the data. Macie is currently able to protect data stored in Amazon S3, and support for additional AWS data stores will be available later this year, according to AWS.
Netlix is an early adopter of Macie and so far has seen good results. “Since we started using Amazon Macie we’ve found that it is flexible enough to solve a range of information security challenges that would have previously required us to write custom code or build internal tools, helping us move fast with confidence,” says Patrick Kelley, cloud security engineer at Netflix.
In addition to Netflix, Amazon lists Autodesk and Edmunds as early users of Macie.
Amazon claims that Macie uses machine learning to automate the process of discovering, classifying and protecting data stored in AWS. Macie starts out by creating a baseline of data access behavior and then monitors for actions that might indicate risk, such as large quantities of data being downloaded, sensitive data being configured to be externally accessible or credentials being stored insecurely. Macie provides a console front end. It also delivers alerts and recommendations on how to strengthen your security.
The results of Macie’s analysis of your data may help you better understand where sensitive information is stored and how it’s typically accessed, including user authentications, locations and times of day. It can identify data with high business value, including programming languages to detect source code, logging formats, database backup formats, credentials and API key formats. This is one of its more powerful benefits. Anything that helps you understand your data is a major plus.
Amazon’s new AWS security service supports 20 alert categories designed to provide early warning on security and compliance use cases, such as high-risk data events, API keys and credentials being stored within source code, unencrypted backups containing credentials and early stages of an attack, including behaviors indicating lateral movement, persistence mechanisms, back-door accounts and enumeration of role privileges.
Whether Macie’s pricing makes sense for your company will depend quite a bit on the type of data you’re using in AWS. The pricing also involves the data analysis so it starts out higher as Macie analyzes your data store. On the other hand, if you are continuously adding significant amounts of new data, it may continue to get more and more expensive. Check out the detailed pricing information for some insight. Amazon lets AWS customers try before they buy Macie with this test drive. You may also find its FAQ and documentation useful in assessing the tool as well as more details about AWS security.
Any enterprise application that mentions the terms artificial intelligence or machine learning in its marketing materials sets off alarm bells these days. It’s not uncommon to find that such laims are more hype than reality. Enterprise buyers, beware. But Macie’s ability to classify data in risk terms is well within the state-of-the-art of machine learning today. There are no apparent flights of fancy or flowery marketing language involved. Amazon isn’t promising unrealistic things from its new AWS security service. In fact, Macie looks promising for the many enterprises that are using AWS.