AWS Government, Education, & Nonprofits Blog

Automatically Discover, Classify, and Protect Your Data

In our post, Building a Cloud-Specific Incident Response Plan, we walked through a hypothetical incident response (IR) managed on AWS with the Johns Hopkins University Applied Physics Laboratory (APL). With the recent launch of Amazon Macie, a new data classification and security service, you have additional controls to understand the type of data stored in Amazon Simple Storage Service (Amazon S3). Amazon Macie can also help you meet your compliance objectives, with the ability to set up automated mechanisms to track and report security incidents.

Amazon Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS. Amazon Macie recognizes sensitive data such as personally identifiable information (PII) or intellectual property, and provides you with dashboards and alerts that give visibility into how this data is being accessed or stored. The fully managed service continuously monitors data access activity for anomalies, and generates detailed alerts when it detects risk of unauthorized access or inadvertent data leaks.

Benefits of Amazon Macie for public sector organizations include:

  • Superior Visibility of Your Data – Amazon Macie makes it easy for security administrators to have management visibility into data storage environments, beginning with Amazon S3, with additional AWS data stores coming soon.
  • Simple to Set Up, Easy to Manage – Getting started with Amazon Macie is fast and easy. Log in to the AWS console, select the Amazon Macie service, and provide the AWS accounts you would like to protect.
  • Data Security Automation Through Machine Learning – Amazon Macie uses machine learning to automate the process of discovering, classifying, and protecting data stored in AWS. This helps you better understand where sensitive information is stored and how it’s being accessed, including user authentications and access patterns.
  • Custom Alert Monitoring with CloudWatch – Amazon Macie can send all findings to Amazon CloudWatch Events. This allows you to build custom remediation and alert management for your existing security ticketing systems.

Customers including Edmunds, Netflix, and Autodesk are using Amazon Macie to provide insights that will help them tackle security challenges. Learn more about how to get started with Amazon Macie. If you are a first-time user of Amazon Macie, we recommend that you begin by reading the Macie documentation.