Classify and Protect Your Sensitive Data with Amazon Macie


Amazon Macie discovers sensitive data using machine learning and pattern matching, provides visibility into data security risks, and enables automated protection against those risks. You can classify any of your data in an S3 bucket using Amazon Macie. It is used especially for data containing sensitive information. Examples of sensitive data include financial and personal information, credit card information, phone numbers and home addresses.

Step by Step Amazon Macie

  1. Go to the S3 console and create an S3 bucket named MacieTrial. (No special configuration is required.)

  2. Add sensitive data to the MacieTrial bucket.

  3. Go to the Amazon Macie product page.

  4. Click “Create Job” at the top right of the Summary page.

  5. Choose the MacieTrial bucket that we created, then click “Next” to proceed to the next step.

  6. Next comes the “Refine the Scope” page. This page offers two kinds of jobs: a Scheduled job and a One-Time job. For a Scheduled job we can choose the interval (Daily, Weekly, Monthly). If data arrives continuously and the scan needs to run regularly, select the Scheduled job and choose the interval according to how often new data arrives. We choose a One-Time job in this setup. The Sampling depth option is at the lower left of the page. With this option, you specify the percentage of eligible S3 objects that you want Macie to analyze when a sensitive data discovery job runs. If this value is less than 100%, Macie selects eligible objects to analyze at random.

  7. The Data Identifier step offers 4 different identifier options: All, Exclude, Include and None. If you want more information about an option, its description is written under it.

  8. Custom Identifiers: this section is an input field for sensitive data that Amazon Macie cannot find automatically. Here you can create your own (custom) identifier.

  9. In the Allow List step, you can define a specific text pattern that you want Macie to ignore. For example, let's assume that you don’t want to encrypt Mastercard credit cards; in this section, we supply that pattern so that matching data is bypassed.

  10. General Settings: we complete the general settings, such as the name and description of the job.

  11. Finally, we review and confirm the settings we selected on the Review Screen for the last time.

  12. We wait for the "Complete" text to appear in the status column of the newly created job on the Jobs screen.

  13. After everything is finished, we can select the relevant job and then click Show Result → Show Findings to see the results.
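The console choices in steps 5 to 12 map onto the Macie `CreateClassificationJob` API, and the following added example (not part of the original walkthrough) builds and validates that request with boto3 before submitting it. The account ID, the lowercase bucket name `macietrial` (S3 bucket names cannot contain uppercase letters), the job name, the region and the fixed weekly/monthly run days are assumptions.

```python
import time
import uuid

# Fixed run days for weekly/monthly jobs are assumptions made for this example.
SCHEDULES = {"daily": {"dailySchedule": {}},
             "weekly": {"weeklySchedule": {"dayOfWeek": "MONDAY"}},
             "monthly": {"monthlySchedule": {"dayOfMonth": 1}}}

def build_job_request(account_id, bucket, name, *, description="", scheduled=None,
                      sampling_percentage=100, selector="ALL",
                      managed_ids=(), custom_ids=(), allow_list_ids=()):
    """Translate the console choices (steps 5-10) into CreateClassificationJob parameters."""
    if not 1 <= sampling_percentage <= 100:
        raise ValueError("sampling depth must be between 1 and 100 percent")
    if scheduled is not None and scheduled not in SCHEDULES:
        raise ValueError("scheduled must be daily, weekly or monthly")
    if selector not in ("ALL", "EXCLUDE", "INCLUDE", "NONE"):
        raise ValueError(f"unknown identifier option: {selector}")
    if selector in ("INCLUDE", "EXCLUDE") and not managed_ids:
        raise ValueError(f"{selector} needs at least one managed data identifier ID")
    if selector in ("ALL", "NONE") and managed_ids:
        raise ValueError(f"{selector} must not list managed data identifier IDs")
    if selector == "NONE" and not custom_ids:
        raise ValueError("NONE needs at least one custom data identifier ID")
    req = {
        "clientToken": str(uuid.uuid4()),            # idempotency token
        "name": name,
        "description": description,
        "jobType": "SCHEDULED" if scheduled else "ONE_TIME",
        "s3JobDefinition": {"bucketDefinitions": [
            {"accountId": account_id, "buckets": [bucket]}]},
        "samplingPercentage": sampling_percentage,   # objects are picked at random below 100
        "managedDataIdentifierSelector": selector,
    }
    for key, ids in (("managedDataIdentifierIds", managed_ids),
                     ("customDataIdentifierIds", custom_ids),
                     ("allowListIds", allow_list_ids)):
        if ids:
            req[key] = list(ids)
    if scheduled:
        req["scheduleFrequency"] = SCHEDULES[scheduled]
    return req

def submit_and_wait(req, region="us-east-1", poll_seconds=30):
    """Create the job, then poll until it leaves the RUNNING state (step 12)."""
    import boto3  # imported here so the request builder works without AWS access
    client = boto3.client("macie2", region_name=region)
    job_id = client.create_classification_job(**req)["jobId"]
    while (status := client.describe_classification_job(jobId=job_id)["jobStatus"]) == "RUNNING":
        time.sleep(poll_seconds)
    return job_id, status
```

Calling `submit_and_wait(build_job_request("111122223333", "macietrial", "macie-trial-scan"))` with a constructed account ID reproduces the one-time job from the walkthrough once Macie is enabled in the account.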

For more detailed information, I suggest you review AWS Macie.