With the California Consumer Protection Act (CCPA) and General Data Protection Regulation (GDPR) now in full swing, the regulatory landscape for businesses has never been more complicated. Consumers are increasingly aware of cybersecurity in their daily lives, and they are demanding better protection against these threats when using online services.
Despite this crackdown on data protection, there were still massive data breaches in 2019. The largest fine on record was given to British Airways in July 2019, at a staggering $230 million under GDPR after more than 500,000 individual customer names, billing addresses, email addresses, and card details were compromised.
Adherence to compliance policy comes from intelligent database design, not the database itself. You could use the most innovative, modern database software on the planet, and still risk data breaches due to improper identity access management (IAM) and data sensitivity categorization.
Snowflake is a leading data warehousing and analytics platform that uses serverless computing to improve data protection compliance management. Specialized compute clusters handle database processing, and employees interface with your database through a master node abstraction layer. This centralizes your point of access, unifying individual database clusters behind a single, easily managed entry point.
Let us explore some of the security features on the Snowflake platform.
IP-Level Network/Site Access – Snowflake offers IP whitelisting and blacklisting functionality, which is easily managed using its graphical user interface (GUI).
This allows you to set static IP addresses for each department and whitelist or blacklist the IPs in line with your data access policy. You lack granular control with this method, but they also offer account-level access management.
Identity Access Management (IAM) – For more fine-tuned control, you can use IAM on the Snowflake platform to control your data access policy.
Every individual network user can be permitted or blocked from accessing information depending on their security clearance. This management functionality can be as narrow as per-object in a database with proper categorization and tagging of data, maximizing accessibility, and minimizing risk.
SSO And MFA – Single-sign-on (SSO) and multi-factor authentication (MFA) can further bolster your database security arsenal.
With SSO, you can simplify day-to-day computing for employees by omitting the need to enter login details when accessing your database. Employees will often decide to use the same password for each program, increasing the number of attack surfaces and impeding security policy adherence. By centralizing your account credentials, you have more visibility into potential security issues, improving security compliance.
MFA adds a second authentication requirement during login. This means if a third party obtains an employee's login details, they still won’t have the security key needed to get into your systems.
Automatic Data Security – Snowflake automatically secures all the data you store using either AES 128/256-bit end-to-end encryption (E2EE). This covers both at-rest and in-transit data processing, securing both your stored datasets and data transmitted over the internet.
During loading and unloading of data, Snowflake can downgrade the encryption level to 128-bit, offering a 40% or higher performance boost due to reduced CPU overhead. It is always possible to force AES 256-bit, but you will use more processing power and increase your costs—albeit with higher overall security.
With their enterprise tier, you can perform periodic rekeying of encrypted data. Much like changing the locks on a property after a tenant moves out, rekeying your encrypted data will ensure long-term security. By compartmentalizing datasets, you reduce the amounts of data using the same decryption key, reducing the scope of cyberattacks in the event of a breach.
Trianz is a leading data compliance management and data warehousing consulting firm, with industry-leading knowledge on data protection best practices. We have partnered with Snowflake to give our clients access to the bleeding-edge of data security management. Our team of consultants will work with you to assess, plan, and undergo your database migration, bolstered by the cloud-native security features on the Snowflake platform.
Get in touch with our data compliance management team to learn how Trianz can help you shield your customers' data from attackers before it’s too late.
Contact Us Today
With businesses collecting massive quantities of information daily, it is crucial to maintain data accessibility for employees. The art of data integration involves combining datasets from different sources to create a unified focal point for analysis and insight generation. This achieves a state of data confluence, which can be beneficial in a variety of use cases including commercial applications and scientific research.Explore
As internet usage continues to grow, so does the generation of raw data. Businesses need to process this raw data into useable structured data, so they can extract insight to guide their enterprise strategy. Without a unified, integrated IT infrastructure, data processing will become more complicated due to growing service quality demands and an increased number of data sources.Explore
With the explosive growth of big data and cloud computing, we’ve seen a remarkable increase in the quantities of data we generate each day. According to a study by EMC Corporation, it is estimated that we will generate 1.7 megabytes of data every second, of every day, for every single person on the planet in 2020. That is equivalent to 40 Zettabytes, or 40 billion Terabytes per year. This is a goldmine of information, but even more surprising is the fact that only 12% of this data is ever properly analyzed—namely due to a lack of effective data governance.Explore
The cloud has become one of the most popular hosting destinations for businesses, thanks to the decentralized provision of modern, cost-effective computing resources. In particular, there has been a sharp rise in cloud-based data warehousing, due to the abundant storage capacity and easy scalability of these server instances.Explore
Data Governance is a method of defining and implementing a set of rules, roles, and responsibilities that work together to sustain and promote the value derived from the stored datasets your company holds. In simpler terms, data governance aims to maximize the value of your datasets while simultaneously reducing the risks associated with storing them. Through years of data governance consulting, the team at Trianz has identified the four main principles of a good data governance strategy. They are: Metadata Management Lifecycle ManagementExplore