Snowflake Advances Cybersecurity Excellence by Joining CISA Secure by Design Pledge
The security of our customers’ data is, and always will be, our highest priority, which is why we have built security into the foundation of Snowflake’s platform since our inception. We offer a wide range of security tools to help our customers maximize their cybersecurity posture and protect themselves from cyberthreats. We made MFA free and available to customers when we first launched our service in June 2015, and it has been a part of our best practice guidelines and onboarding process for customers ever since. We’ve supported network policies since 2016. We also offer built-in encryption, authentication and unified role-based access controls (RBAC).
MFA is one of the most important security measures that every business needs to utilize, and when paired with network policies, it delivers comprehensive security. This was brought to light recently as some of our customers experienced a cybersecurity compromise of their Snowflake account. Only customers that had their credentials stolen/breached on the darkweb and did not have MFA enabled or network policies for their accounts were affected. After multiple investigations, including by outside cybersecurity experts, there is no evidence our platform was breached.
The most important point is we’re all in this together. That’s why we recently announced advancements to Snowflake’s MFA policy and the general availability of our Trust Center as the latest examples of our continued commitment to innovation around security.
Snowflake’s MFA policy will require MFA for all newly created Snowflake accounts. It currently provides Snowflake admins with controls to enforce mandatory MFA for Snowflake users across their organization.
Additionally, our newly released Trust Center is enabled by default and provides customers with account transparency and assurance regarding data security and compliance through a single interface. Customers can leverage the Trust Center Security Essentials scanner package to help mitigate credential theft issues. This package looks for MFA compliance, as well as the use of network policies. Customers also have the option to use the CIS Benchmarks scanner package to evaluate their account against the CIS Snowflake Foundations Benchmark so they can more seamlessly maintain the highest standards of trust and integrity for their data, all from Snowflake’s platform.
The Snowflake Security Hub empowers organizations with resources to better safeguard their data. The Hub features best practices, investigative reports and deep dives into Snowflake’s latest security advancements to help customers protect themselves against threats across their Snowflake environment.
We’re committed to continuing our investment into technology and tools that help customers achieve best-in-class security, and we will continue to accelerate in-product capabilities that support the CISA Secure by Design principles to further bolster security initiatives for our customers.
Learn more about Snowflake’s recommended security best practices to reduce the risk of credential compromise here.