Amazon Web Services unveiled a new service today that’s aimed at helping businesses automatically protect data stored in the company’s cloud. Called Macie, the service uses machine learning to classify sensitive information and then analyze access patterns to make sure that it’s staying safe.
When users set the system up, they help it classify sensitive information and assign that information a risk score. Macie will then use that training data to automatically classify new data as it comes into AWS going forward. After that, the system uses unsupervised machine learning to figure out regular access patterns for that information. If something changes unexpectedly, Macie will alert a customer’s security team so they can check it out.
The service is designed to protect companies from large-scale data breaches using machine learning. For example, the system should be able to flag if someone new is accessing a large volume of human resources data, which could help prevent a damaging data breach.
Macie is similar to services that other cloud providers and security companies already offer, but benefits from being native to AWS. One of the service’s key pluses is that it can help companies protect themselves from insider threats, since unusual access from a credentialed user will still create a Macie flag, even if their credentials weren’t taken.
Right now, Macie works with data stored in AWS’ Simple Storage Service (S3), and the company says that it will support other kinds of data later this year. It also uses events generated from the company’s CloudTrail logging service. Companies pay for Macie based on the number of gigabytes analyzed and the number of CloudTrail events processed.
AWS already has a number of marquee customers using Macie, including Netflix, Edmunds.com, and Autodesk. At launch, the service is only available through the cloud provider’s Northern Virginia and Oregon data centers.
In addition to Macie, AWS also announced some other security updates today. CloudTrail, a logging service that helps power Macie, will be turned on by default for all customers going forward. Businesses will get 7 days of historical logging data through CloudTrail for free, and can pay for additional history and better visualization of events.
The company’s CloudHSM service, which provides customers with access to hardware security modules stored in cloud data centers for encryption keys, has been updated to better support a cloud deployment model.
The previous iteration of the CloudHSM service will still be available as CloudHSM Classic, so customers with code that depends on the older service will be able to keep running that without modification.