Nov
7

An Overview of Amazon Macie

An Overview of Amazon Macie

November 7
By

At its annual AWS Summit, Amazon added another new product to its cloud services arsenal: Macie.

Amazon used the event to launch a few other products, such as Amazon Glue, that captured more interest. But Macie caught our attention when we read that it uses machine learning to improve security. That’s a big promise, so we decided to investigate.

Taking a closer look at Amazon’s cloud offerings feels like putting a thousand-piece puzzle together with a service combining with others to complete a larger picture. The completed puzzle looks like several supporting services incorporated to strengthen Amazon’s formidable S3 service.

What is Macie?

Macie uses machine learning to help businesses protect their most sensitive data. It does this by monitoring how people access the data while detecting any anomalies. Amazon designed Macie to be a complementary service to its S3 storage service but promised to offer support for additional Amazon data stores in the future. If you are already using S3, you can enable Macie by following this guide.

Macie monitors any new data that goes into S3 to create a baseline and then actively monitors it for any suspicious behavior. Macie automatically detects certain data types such as names, addresses, credit card numbers, social security numbers, and birth dates. Customers can create customized data types that Macie will recognize.

If Macie detects any suspicious behavior, it alerts the owner to determine if the action was accidental or malicious. For instance, Macie would know if a new developer began downloading the source code to a new product. His reason for doing so could be harmless. Nonetheless, Macie would flag his actions and notify his manager, just in case.

Think of Macie as a monitor that keeps track of everyone who accesses your most valuable data. Macie will not lock down data based on a person’s credentials. Macie will help you gain a better understanding of how people are using your most sensitive data, but it’s not a substitute for more rigorous security measures such as RBAC.

What are Macie’s Key Features?

Amazon designed Macie to be a high-level tool that does not require a lot of training to use. You can customize it to reset access control list or trigger password resets, but it runs in the background without your engagement most of the time. So how do you know it is working? Simply by checking the dashboard.

The Central Dashboard for Macie highlights high-risk files along with how other applications are accessing your data. Amazon wisely chose a simplified design. You can sort content by risk level, time range, object type or activity location. The dashboard also includes a Research section where you can conduct in-depth investigative research into monitored data and activity. You can even run data queries, if you need to.

Macie dashboard

Macie allows businesses to visualize their vulnerabilities.

But Macie is only effective if it can provide timely alerts to the right people in your organization. Macie generates two types of alerts: Basic and Predictive.

Basic alerts include those generated by Macie’s security checks. Macie includes several managed alerts you can enable/disable. For example, Macie would generate a basic alert if it recognized Ransomware blocking access to certain files in your data store.

Predictive alerts get triggered when AWS infrastructure activity deviates from the established baseline model. Someone from HR suddenly downloading code—if that person has never done so before – is an example of a predictive alert.

What does Macie cost?

The answer is somewhat complicated. A lot of the cost is tied to the initial classification of the data. The first GB is free, and costs $5 per GB after that. Amazon ballparks a first month cost of $525 to classify around 100 GB of data, and $40 per month thereafter. Keep in mind that Macie only needs to classify your most sensitive data, so that amount is likely limited.

Conclusion

As companies push more data to the cloud, services that help companies keep their most precious information safe, become very valuable. Amazon understands that services like Macie help temper the concern around security and privacy issues when using a cloud storage service like S3.

The use of machine learning is the big news here. Few companies have the processing horsepower and storage capacity to perform deep data analysis in real-time in the manner Amazon does. Amazon knows that the more data people feed Macie, the more it will improve.

Macie reminds us of how Amazon used its Echo smart speaker to gather valuable data on voice and natural language input. Ultimately, this gave Echo a lead in the fast-growing Internet of Things market over Google, Microsoft and Apple.

Macie may not seem like a big deal today, but we believe it gives Amazon a major advantage over its competitors: peace of mind. And when it comes to buying more cloud services, that can often be the deciding factor.