AWS has launched a new machine learning-based security service, which it claims will help customers identify anomalies inside their network.

Jamie Davies

August 15, 2017

AWS beefs up security with a new bouncer named Macie

The launch comes only a month after its S3 storage hit the headlines for all the wrong reasons, as Verizon customer data was left on an unsecured Amazon database, accessible by anyone who knew how to reach it. It is highly unlikely this offering was developed as a result of this story, but it is a nice coincidence.

The team claims Amazon Macie can help customers automatically discover, classify, and protect sensitive data in AWS. Using machine learning algorithms, the programme recognizes information which would be deemed sensitive, such as personally identifiable information (full names, addresses, credit card numbers or IP addresses for example) or intellectual property, and creates dashboards to notify the customer as to how this data is being accessed or moved.

“When a customer has a significant amount of content stored in Amazon S3, identifying and classifying all of the potentially sensitive data can feel a bit like finding needles in a very large haystack – especially with monitoring tools that aren’t smart enough to effectively automate what is now a very manual process,” said Stephen Schmidt, CISO of AWS.

“Amazon Macie approaches information security in a more intelligent way. By using machine learning to understand the content and user behaviour of each organization, Amazon Macie can cut through huge volumes of data with better visibility and more accurate alerts, allowing customers to focus on securing their sensitive information instead of wasting time trying to find it.”

In short, the programme takes the leg work out of the initial processes of securing information, before setting up rules to understand who should be able to access and move the data. This is often the most complicated task of any security protocol, as it is not unusual for a security team to be unaware of what information the company actually holds. It should be unusual, but due to the colossal amounts of data organizations now store, knowing what everything is or how sensitive it is, is a monstrous and time-consuming task.

Identifying and labelling the data is one of the labour-intensive tasks, but so is monitoring who accesses this information. Using machine learning techniques again, AWS claims Macie monitors things such as user authentication, locations, and times of access to develop a baseline for future alerts. Should there be anomalies with any of the identifiers, this could be evidence of a data breach.

The world of artificial intelligence will play a significant role in security purely because of how big and thankless the task is. Perimeters are getting bigger, companies are collecting more information and with new regulations on the horizon (such as EU GDPR) the management of this data becomes ever more complicated. There is simply too much work to do for a team of humans to manage these challenges, at least until views on security change and more investment is realized.

This is a good example of how artificial intelligence can aid humans without costing any jobs, as it is an area which is vastly under-resourced at the moment. However, it does not address the base concern of security being on the back foot. This is a reactive defence system. It isn’t proactively reinforcing the perimeter to increase security, it is simply notifying the security team of a potential breach and recommending a resolution. The breach may have already happened.

Security is an incredibly complicated area, and as the previous paragraph shows, it is a thankless one. “Job done” is a phrase which will never exist here, as the shortcomings of every update will be pointed out. Security professionals are still on the back foot, but this is certainly a step in the right direction.
