With the California Consumer Protection Act (CCPA) and General Data Protection Regulation (GDPR) now in full swing, the regulatory landscape for businesses has never been more complicated. Consumers are increasingly aware of cybersecurity in their daily lives, and they are demanding better protection against these threats when using online services.
Despite this crackdown on data protection, there were still massive data breaches in 2019. The largest fine on record was given to British Airways in July 2019, at a staggering $230 million under GDPR after more than 500,000 individual customer names, billing addresses, email addresses, and card details were compromised.
Adherence to compliance policy comes from intelligent database design, not the database itself. You could use the most innovative, modern database software on the planet, and still risk data breaches due to improper identity access management (IAM) and data sensitivity categorization.
Snowflake is a leading data warehousing and analytics platform that uses serverless computing to improve data protection compliance management. Specialized compute clusters handle database processing, and employees interface with your database through a master node abstraction layer. This centralizes your point of access, unifying individual database clusters behind a single, easily managed entry point.
Let us explore some of the security features on the Snowflake platform.
IP-Level Network/Site Access – Snowflake offers IP whitelisting and blacklisting functionality, which is easily managed using its graphical user interface (GUI).
This allows you to set static IP addresses for each department and whitelist or blacklist the IPs in line with your data access policy. You lack granular control with this method, but they also offer account-level access management.
Identity Access Management (IAM) – For more fine-tuned control, you can use IAM on the Snowflake platform to control your data access policy.
Every individual network user can be permitted or blocked from accessing information depending on their security clearance. This management functionality can be as narrow as per-object in a database with proper categorization and tagging of data, maximizing accessibility, and minimizing risk.
SSO And MFA – Single-sign-on (SSO) and multi-factor authentication (MFA) can further bolster your database security arsenal.
With SSO, you can simplify day-to-day computing for employees by omitting the need to enter login details when accessing your database. Employees will often decide to use the same password for each program, increasing the number of attack surfaces and impeding security policy adherence. By centralizing your account credentials, you have more visibility into potential security issues, improving security compliance.
MFA adds a second authentication requirement during login. This means if a third party obtains an employee's login details, they still won’t have the security key needed to get into your systems.
Automatic Data Security – Snowflake automatically secures all the data you store using either AES 128/256-bit end-to-end encryption (E2EE). This covers both at-rest and in-transit data processing, securing both your stored datasets and data transmitted over the internet.
During loading and unloading of data, Snowflake can downgrade the encryption level to 128-bit, offering a 40% or higher performance boost due to reduced CPU overhead. It is always possible to force AES 256-bit, but you will use more processing power and increase your costs—albeit with higher overall security.
With their enterprise tier, you can perform periodic rekeying of encrypted data. Much like changing the locks on a property after a tenant moves out, rekeying your encrypted data will ensure long-term security. By compartmentalizing datasets, you reduce the amounts of data using the same decryption key, reducing the scope of cyberattacks in the event of a breach.
Trianz is a leading data compliance management and data warehousing consulting firm, with industry-leading knowledge on data protection best practices. We have partnered with Snowflake to give our clients access to the bleeding-edge of data security management. Our team of consultants will work with you to assess, plan, and undergo your database migration, bolstered by the cloud-native security features on the Snowflake platform.
Get in touch with our data compliance management team to learn how Trianz can help you shield your customers' data from attackers before it’s too late.
Contact Us Today
What Is an SQL Query Engine? SQL query engine architecture was designed to allow users to query a variety of data sources within a single query. While early SQL-based query engines such as Apache Hive allowed analysts to cut through the clutter of analytical data, they found running SQL analytics on multi-petabyte data warehouses to be a time-intensive process that was difficult to visualize and hard to scale.Explore
A Winning Base for Successful Digital Transformations When it comes to developing a successful digital strategy, it is not just corporations planning to maximize the benefits of data assets and technology-focused initiatives. The Government of Western Australia recently unveiled four key priorities for digital reform in its new Digital Strategy for 2021-2025.Explore
Engage Your Workforce with a Modern Employee Intranet Solution The employee intranet has changed significantly since it was first introduced in the early 1990s. What started as HTML-based static portals have now evolved into intuitive communication tools complete with search engines, user profiles, blogs, event planners, and more. Today, many organizations are taking a second look at employee intranets to bridge gaps between teams, build company culture, centralize information, increase productivity, and improve workflow.Explore
Adopting emerging cloud technologies, consolidating resources, and improving processes is the key. “IT no longer just supports corporate operations as it traditionally has but is fully participating in business value delivery. Not only does this shift IT from a back-office role to the front of business, but it also changes the source of funding from an overhead expense that is maintained, monitored, and sometimes cut, to the thing that drives revenue,” said John-David Lovelock, research vice president at Gartner.Explore
Deliver Powerful Insights Instantaneously with Federated Queries - No Matter Where Your Data Resides The concept of federated queries isn’t new. Facebook PrestoDB popularized the idea of distributed structured query language (SQL) query engines in 2013. Over the years, AWS, Google, Microsoft, and many others in the industry have accelerated the adoption of a distributed query engine model within their products. For example, AWS developed Amazon Athena on top of the Presto code base, while Google’s BigQuery is based on Cloud SQL.Explore
What is Unstructured Data? Almost 80% of the data that enterprises and organizations collect is unstructured - data without a set record format or structure. Unstructured data includes data such as emails, web pages, PDFs, documents, customer feedback, in-app reviews, social media, video files, audio files, and images.Explore