Amazon Web Services Inc. is taking the good fight on personal information security to competitors with a new security service that provides personal data monitoring to enterprise users in the cloud.

Called “Macie” and based on technology Amazon acquired with the purchase of Harvest.ai Inc. in January, the new service recognizes sensitive data such as personally identifiable information and intellectual property and monitors access to the data.

Using machine learning to help customers prevent data loss, Macie automatically discovers, classifies and protects sensitive data in AWS and offers customers dashboards and alerts to allow enterprise users to see how personally identifiable information is being accessed or moved. The managed service continuously monitors data access activity for Amazon S3 users, in theory giving enterprise users security oversight that they previously did not have.

Matt Wood, AWS’s general manager of artificial intelligence, said during a keynote at the AWS Summit today in New York that “securing sensitive data is job zero for customers.” To date, he said, it has been manual process to categorize and label data, so AWS wanted to bring machine learning to bear to automate that, using the context of the information to understand what’s sensitive and how. More specifically, Amazon said, Macie uses machine learning to understand the content and user behavior of each organization.

Bill Shinn, a principal security solutions architect at AWS who spoke to SiliconANGLE’s theCUBE team on Monday, said that the new service “has a very differentiated classification engine” and also implied that the new service is AWS’s answer to the European General Data Protection Regulation law that goes into effect in May 2018. “If you’re moving data by European citizens around, you really have to understand that data,” he noted. “I think Macie will be a big part of a lot of customers’ strategy on GDPR.”

Amazon is actually late to this security party. Microsoft Corp. launched Azure Active Directory Identity Protection, now simply called Azure Threat Protection, in February 2016. Both services work on a similar basis, using machine learning to monitor and identify personal information security risks for enterprise customers.

Amazon’s entry into the space may prove a welcome addition for AWS cloud customers, though for now it’s offered only in AWS’s U.S. East and U.S. West regions.

Image: Amazon Web Services