Amazon Macie Configuration
The course is part of these learning paths
Amazon Macie was launched in the summer of 2017, much to the delight of cloud security engineers. Amazon Macie is a powerful security and compliance service that provides an automatic method to detect, identify, and classify data within your AWS account. Macie currently supports Amazon S3 storage, however additional support for other storage systems will be developed and added over time. Backed by machine learning, Macie can actively review your data as different actions are taken within your AWS account. Machine learning spots access patterns and analyzes user behaviour using CloudTrail event data to alert against any unusual or irregular activity. Any findings are presented within a dashboard which can trigger alerts allowing you to quickly resolve any potential threat of exposure or compromise to your data.
This course will dive into all elements of the service, discussing its many different features and customizable elements allowing you to gain the maximum potential of its ability.
By the end of this course you will be able to:
- Provide an understanding and awareness of what Amazon Macie is and what it’s used for
- Provide an explanation of each configurable component of the service to allow you to gain maximum benefit from Macie’s capabilities
- Understand how the service can provide a customizable approach to maintaining compliance
- Understand how through automation and machine learning Amazon Mazie detects and categorizes S3 content to detect potential security threats and exposures
The content of this course is centered around security and compliance. As a result, this course is beneficial to those who are in the roles or their equivalent of:
- Cloud Security Architects
- Compliance Managers
- Cloud Administrators
- Cloud Support & Operations
As a prerequisite of this course you should have an understanding and awareness of:
- Amazon S3
- AWS CloudTrail
Hello and welcome to this lecture, which will answer the question, what is Amazon Macie?
Amazon Macie was introduced in August of 2017 as a powerful security and compliance enabling service which sits within the security identity and compliance category of the AWS management consult. The main function of the service is to provide an automatic method of detecting, identifying, and also classifying data that you are storing within your AWS account. Macie currently supports Amazon S3 storage. However, additional support for other storage systems will be developed and added over time. The service is backed by machine learning, allowing your data to be actively reviewed as different actions are taken within your AWS account. Machine learning can spot access patterns and user behavior by analyzing cloud trail event data to alert against any unusual or irregular activity. Any findings made by Amazon Macie are presented within a dashboard which can trigger alerts, allowing you to quickly resolve any potential threat of exposure or compromise of your data.
There are a number of key features that are offered by Amazon Macie during its detection and classification process. These can be summarized as follows. Amazon Macie will automatically and continuously monitor and detect new data that is stored in Amazon S3. Using the abilities of machine learning and artificial intelligence, this service has the ability to familiarize over time, access patterns to data. Amazon Macie also uses natural language processing methods to help classify and interpret different data types and content. NLP uses principles from computer science and computational linguistics to look at the interactions between computers and the human language. In particular, how to program computers to understand and decipher language data. The service can automatically assign business values to data that is assessed in the form of a risk score. This enables Amazon Macie to order findings on a priority basis, enabling you to focus on the most critical alerts first. In addition to this, Amazon Macie also has the added benefit of being able to monitor and discover security changes governing your data. As well as identify specific security-centric data such as access keys held within an S3 bucket.
This protective and proactive security monitoring enables Amazon Macie to identify critical, sensitive, and security focused data such as API keys, secret keys, in addition to PII and PHI data. It can detect changes and alterations to existing security policies and access control lists which effect data within your S3 buckets. It will also alert against unusual user behavior and maintain compliance requirements as required.
Over the past few months, you will have likely heard about numerous occurrences whereby huge quantities of PII data being stored in the cloud, have been exposed unnecessarily. Many of these instances can be attributed to a lack of understanding of key security controls offered by Amazon S3 by those storing data within the service, in addition to simple human error. Also, the sensitivity of the data may not of been understood before being stored. Understanding your data and its business value is essential. Therefore, having a managed service which provides in essence, a double-check, against your sensitive business data is invaluable.
For example, checking to ensure you are not allowing sensitive data to be accessible via the internet, which will almost certainly have adverse negative effects. There are a wide variety of compliance programs that need to be adhered to and ensuring you maintain your compliance is crucial to your business. For example, from a general data protection regulation, GDPR perspective, you are required to keep any personal information of EU citizens protected and secured at all times with adequate protection. If you inadvertently expose data of EU citizens, you could be faced with significant financial penalties, which can total 4% of your annual global turnover or up to 20 million euros, whichever is greater. So maintaining compliance and having the available tools and services to help you enable this, is fundamental for businesses storing data in the cloud.
If you would like to learn more about GDPR, you can listen to our existing webinar here, entitled Establishing a Privacy Program GDPR Compliance and Beyond. Currently, Amazon Macie is not available in all regions of AWS, so I recommend you check the AWS regional product service table found here before relying on a service to work with your S3 data, which is also a regional service.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.