SMG Swiss Marketplace Group AG Enhances Security at Scale on AWS
As international regulations evolve, it’s critical that digital companies maintain compliance to protect users’ sensitive data. SMG Swiss Marketplace Group AG (SMG) wanted to enhance its readiness for Switzerland’s new Federal Act on Data Protection by improving its security capabilities. As part of its comprehensive compliance strategy, SMG used Amazon Web Services (AWS) to augment its ability to identify and secure personally identifiable information (PII) efficiently at scale.
About SMG Swiss Marketplace Group AG
Based in Switzerland, SMG Swiss Marketplace Group AG runs a network of online marketplaces that covers a range of verticals, including general markets and the real estate, automotive, finance, and insurance sectors.
Getting Ahead of Evolving Security Regulations
Based in Switzerland, SMG runs online marketplaces for general markets and the real estate, automotive, finance, and insurance sectors. “The security of our users’ data is one of our top priorities,” says Mostafa Hassanin, group chief information security officer at SMG. “We want to increase trust in our marketplaces.”
In 2023, Switzerland enacted the new Federal Act on Data Protection, which added requirements for companies to safeguard users’ PII, incorporate privacy into the foundations of their services, and implement a peak level of security as the default. SMG wanted to stay ahead of these new regulations and secure sensitive information efficiently. “We need to apply security in a scalable manner and automate detection, response, and remediation,” says Hassanin.
Most of SMG’s brands were already running on AWS, and the company had more than 160 AWS accounts. In 3 weeks, it implemented Amazon Macie, a data security service that uses machine learning and pattern matching to improve businesses’ ability to discover and protect sensitive data.
Enhancing Security and Visibility Across More than 160 AWS Accounts
SMG uses AWS to enhance the security of nearly 1 PB of potentially sensitive data—more than 4 billion objects in 2,500 buckets. (See figure 1.) By adopting Amazon Macie, the company strengthened its data protection capabilities and automated the detection of PII. “Now, we can automatically cover all our AWS accounts with one tool and one process,” says Hassanin. “We have visibility over what’s happening and alerts for detection and response, so we know we’re addressing sensitive data appropriately.”
Using Amazon Macie, SMG can access a consolidated overview for reporting or add custom data identifiers that search data for specific patterns. And because these processes automatically scale, SMG can find opportunities to strengthen security and implement changes at large scale.By enhancing its reporting and monitoring capabilities, the company can see how to further simplify and automate security for PII (under the AWS Shared Responsibility Model). “We can understand the trends and the maturity of our security setup over time,” says Hassanin. “Then, we can address them with the appropriate training and technical solutions.”
Becoming a Reference for Online Marketplace Security
SMG wants to be the international reference for online marketplace security, trust, and safety. It plans to continue enhancing its security posture. “To achieve something like this in a short time with such high coverage was an eye-opener,” says Hassanin. “Using Amazon Macie, we’re improving the way we protect sensitive data systematically and at scale.”
Figure 1
To achieve something like this in a short time with such high coverage was an eye-opener. Using Amazon Macie, we’re improving the way we protect sensitive data systematically and at scale.
Mostafa Hassanin
Group Chief Information Security Officer, SMG Swiss Marketplace Group AGDid you find what you were looking for today?
Let us know so we can improve the quality of the content on our pages