Fully managed data security and privacy service gets a slew of new features, greater global availability, and an 80%+ price decrease
AWS has announced a series of major enhancements to Amazon Macie, delivering important new features, greater availability worldwide, and substantially reduced pricing. The new features include updated machine learning models for more accurate detection of Personally Identifiable Information (PII), support for customer-defined data types, and native multi-account management with AWS Organizations.
As of today, Amazon Macie expands to 17 AWS Regions worldwide, with more regions coming online over the next few months. And, new Amazon Macie service optimizations enable customers to discover and protect their sensitive data in AWS at an 80% or greater discount compared to previous pricing. There are no additional charges or upfront commitments required to use Amazon Macie, and customers pay only for the data processed and Amazon Simple Storage Service (Amazon S3) buckets evaluated. To get started with Amazon Macie, visit http://aws.amazon.com/macie/.
As organizations continue to manage growing volumes of information, they need to identify and locate their sensitive data to ensure it is properly protected and being maintained in accordance with various regulatory compliance requirements. However, discovering and protecting this data at scale is an expensive and time-consuming process that can be prone to error. Amazon Macie reduces this burden by providing a scalable and cost-efficient service that helps customers more easily discover and protect their sensitive data in AWS. Once enabled with one click in the AWS Management Console, Amazon Macie automatically provides customers with a full inventory of their Amazon S3 buckets.
Customers simply select the buckets they would like to submit for sensitive data discovery, and Amazon Macie scans these buckets using machine learning and pattern matching to identify and categorize the data against a predefined set of common sensitive data types. Customers receive actionable security findings enumerating any data that fits these sensitive data types, including PII (e.g. customer names and credit cards numbers) and categories defined by privacy regulations, such as The General Data Protection Regulation (GDPR) and The Health Insurance Portability and Accountability Act (HIPAA).
Amazon Macie also automatically and continually evaluates bucket-level preventative controls for any buckets that are unencrypted, publicly accessible, or shared with accounts outside of a customer’s organization, allowing customers to quickly address unintended settings on buckets that have been identified to contain potentially sensitive data.
Over the last several months, Amazon Macie’s data discovery engine has been completely re-architected to make better use of the underlying storage and compute resources and perform even faster and more scalable detection. These optimizations have enabled an 80% reduction in price from $5 per GB processed to $1 per GB, with the price decrease exceeding 90% for high-volume customers. Complementing the price reduction, the service now features several new or evolved capabilities.
Amazon Macie’s machine learning models have been updated to deliver even more accurate detection across a growing list of PII types. For example, the models have been enhanced to better support international customers by more effectively recognizing geographic variations in data types, such as the differences in mailing address formats in the U.S. and Germany or regional naming conventions that are difficult to detect through standard pattern matching.
Customers can also now create their own data types using regular expression – a widely used standard for defining search patterns – enabling Amazon Macie to discover sensitive data that is specific to a customer’s business or formatted uniquely within an organization (e.g. patient ID numbers or internal product designations). And, with the new integration between Amazon Macie and AWS Organizations, a single administrator can now manage up to 5,000 member accounts (for centralized administration across large enterprises), automatically enable and link all future accounts (without needing to manually onboard new users), create and administer Amazon Macie data discovery jobs across accounts, and manage findings across an entire organization.
“Virtually every customer we talk to says they can benefit from having more complete visibility into their sensitive data, but it’s currently expensive and time-consuming to discover and catalog this information on their own,” said Dan Plastina, Vice President for External Security Services at AWS. “Customers have consistently told us that Amazon Macie solves this challenge much better than other tools, but that it needed to be more cost-effective to use at the scale they wanted. Today’s launch culminates a year of re-architecting work to make Macie 80% to over 90% less expensive, giving far more customers around the world the ability to use Macie to protect their sensitive data at scale and effectively meet compliance requirements like GDPR.”
Getting started with Amazon Macie is fast and easy with one click in the AWS Management Console or a single API call. Customers can try Amazon Macie now with a 30-day free trial using this same simple process. The trial includes 30 days of Amazon S3 bucket inventory and bucket-level security assessment at no cost. Customers can view a cost estimate in the Amazon Macie console to see what their estimated total monthly spend would be once the trial ends. Amazon Macie also includes 1 GB of data processed for sensitive data discovery per month at no cost. This free tier offer does not expire and is not bound by the 30-day free trial period.
Amazon Macie is available today in the US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon), Canada (Central), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Paris), Europe (Stockholm), Asia Pacific (Hong Kong), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), and South America (Sao Paulo) regions, with availability in additional Regions in the coming months.
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]