Amazon Macie should be enabled
Description
This control checks whether Amazon Macie is enabled for an account. The control fails if Macie isn't enabled for the account. Amazon Macie discovers sensitive data using machine learning and pattern matching, provides visibility into data security risks, and enables automated protection against those risks. Macie automatically and continually evaluates your Amazon Simple Storage Service (Amazon S3) buckets for security and access control, and generates findings to notify you of potential issues with the security or privacy of your Amazon S3 data. Macie also automates discovery and reporting of sensitive data, such as personally identifiable information (PII), to provide you with a better understanding of the data that you store in Amazon S3.
Remediation
To remediate this issue, you need to enable Amazon Macie for your account.
Steps
- Navigate to the Amazon Macie console
- Select the appropriate AWS Region
- Click 'Get started' or 'Enable Macie'
- Choose your data discovery preferences
- Select the S3 buckets to monitor
- Configure findings and notifications
- Review and confirm the configuration
- Enable Macie for your account
- Verify Macie is active and monitoring
- Set up automated responses to findings
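
Macie is enabled per Region, so the "verify" step has to be repeated in every Region you use. The script below is an added example, not code from AWS or from this page: it checks each Region with the AWS CLI and treats a paused session as a failure, since a paused session is not actively monitoring. It assumes the AWS CLI is installed and configured with permission to call `macie2:GetMacieSession` (and `macie2:EnableMacie` for the optional helper); the function names are illustrative.

```shell
#!/bin/sh
# Added example: per-Region Amazon Macie status check with the AWS CLI.
# Usage: sh check_macie.sh us-east-1 eu-west-1   (the file name is arbitrary)

# Print the Macie session status for one Region: ENABLED, PAUSED, or
# NOT_ENABLED when the call fails (no Macie session, or missing permissions).
macie_status() {
    region="$1"
    status=$(aws macie2 get-macie-session --region "$region" \
        --query status --output text 2>/dev/null) || status=""
    case "$status" in
        ENABLED|PAUSED) echo "$status" ;;
        *)              echo "NOT_ENABLED" ;;
    esac
}

# Check every Region passed as an argument. Prints one PASS/FAIL line per
# Region and returns non-zero if any Region is not actively monitored.
check_regions() {
    rc=0
    for r in "$@"; do
        s=$(macie_status "$r")
        if [ "$s" = "ENABLED" ]; then
            echo "PASS $r $s"
        else
            echo "FAIL $r $s"
            rc=1
        fi
    done
    return "$rc"
}

# Optional remediation for one Region: the CLI counterpart of enabling Macie
# in the console. Discovery jobs and notifications still need to be set up.
enable_macie() {
    aws macie2 enable-macie --region "$1" --status ENABLED
}

# Only run the check when Regions are given on the command line.
if [ "$#" -gt 0 ]; then
    check_regions "$@"
fi
```

The non-zero exit status makes the script usable as a scheduled check or pipeline gate.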