With the California Consumer Protection Act (CCPA) and General Data Protection Regulation (GDPR) now in full swing, the regulatory landscape for businesses has never been more complicated. Consumers are increasingly aware of cybersecurity in their daily lives, and they are demanding better protection against these threats when using online services.
Despite this crackdown on data protection, there were still massive data breaches in 2019. The largest fine on record was given to British Airways in July 2019, at a staggering $230 million under GDPR after more than 500,000 individual customer names, billing addresses, email addresses, and card details were compromised.
Adherence to compliance policy comes from intelligent database design, not the database itself. You could use the most innovative, modern database software on the planet, and still risk data breaches due to improper identity access management (IAM) and data sensitivity categorization.
Snowflake is a leading data warehousing and analytics platform that uses serverless computing to improve data protection compliance management. Specialized compute clusters handle database processing, and employees interface with your database through a master node abstraction layer. This centralizes your point of access, unifying individual database clusters behind a single, easily managed entry point.
Let us explore some of the security features on the Snowflake platform.
IP-Level Network/Site Access – Snowflake offers IP whitelisting and blacklisting functionality, which is easily managed using its graphical user interface (GUI).
This allows you to set static IP addresses for each department and whitelist or blacklist the IPs in line with your data access policy. You lack granular control with this method, but they also offer account-level access management.
Identity Access Management (IAM) – For more fine-tuned control, you can use IAM on the Snowflake platform to control your data access policy.
Every individual network user can be permitted or blocked from accessing information depending on their security clearance. This management functionality can be as narrow as per-object in a database with proper categorization and tagging of data, maximizing accessibility, and minimizing risk.
SSO And MFA – Single-sign-on (SSO) and multi-factor authentication (MFA) can further bolster your database security arsenal.
With SSO, you can simplify day-to-day computing for employees by omitting the need to enter login details when accessing your database. Employees will often decide to use the same password for each program, increasing the number of attack surfaces and impeding security policy adherence. By centralizing your account credentials, you have more visibility into potential security issues, improving security compliance.
MFA adds a second authentication requirement during login. This means if a third party obtains an employee's login details, they still won’t have the security key needed to get into your systems.
Automatic Data Security – Snowflake automatically secures all the data you store using either AES 128/256-bit end-to-end encryption (E2EE). This covers both at-rest and in-transit data processing, securing both your stored datasets and data transmitted over the internet.
During loading and unloading of data, Snowflake can downgrade the encryption level to 128-bit, offering a 40% or higher performance boost due to reduced CPU overhead. It is always possible to force AES 256-bit, but you will use more processing power and increase your costs—albeit with higher overall security.
With their enterprise tier, you can perform periodic rekeying of encrypted data. Much like changing the locks on a property after a tenant moves out, rekeying your encrypted data will ensure long-term security. By compartmentalizing datasets, you reduce the amounts of data using the same decryption key, reducing the scope of cyberattacks in the event of a breach.
Trianz is a leading data compliance management and data warehousing consulting firm, with industry-leading knowledge on data protection best practices. We have partnered with Snowflake to give our clients access to the bleeding-edge of data security management. Our team of consultants will work with you to assess, plan, and undergo your database migration, bolstered by the cloud-native security features on the Snowflake platform.
Get in touch with our data compliance management team to learn how Trianz can help you shield your customers' data from attackers before it’s too late.
Contact Us Today
Finding Hidden Patterns and Correlations Innovative technologies such as artificial intelligence (AI), machine learning (ML) and natural language processing (NLP) are transforming the way we approach data analytics. AI, ML and NLP are categorized under the umbrella term of “cognitive analytics,” which is an approach that leverages human-like computer intelligence to identify hidden patterns and correlations in data.Explore
What Is an SQL Query Engine? SQL query engine architecture was designed to allow users to query a variety of data sources within a single query. While early SQL-based query engines such as Apache Hive allowed analysts to cut through the clutter of analytical data, they found running SQL analytics on multi-petabyte data warehouses to be a time-intensive process that was difficult to visualize and hard to scale.Explore
The Cloud is the Key to Transformation Success… Transitioning your applications to the cloud is undeniably a critical factor to a successful digital transformation endeavor. It’s more than just a lift-and-shift, however. Let’s explore several things that you need to consider before migrating your applications to the cloud, including: Readiness of your application portfolio Where to begin – the right business case and migration strategy Technology requirements and considerationsExplore
Application Modernization at Speed and Scale Enterprises are pursuing greater application scalability, cost efficiency, and standardization with containerization and virtualization platforms. So, what’s the difference? Containers are a type of virtualization technology that allows users to run multiple operating systems inside a single instance of an OS. They are lightweight and portable, making them ideal for running applications across different platforms.Explore