Compliance with ISO/IEC 27001 standard demonstrates commitment to delivering best-in-class cloud data warehouse security
Snowflake, the data warehouse built for the cloud, announced that it has added ISO/IEC 27001:2013 certification to its extensive list of security capabilities as part of the company’s continuous efforts to provide the most secure data environment for customers. Compliance with ISO’s internationally recognized standard confirms that Snowflake’s security management program is comprehensive and adheres to leading practices.
ISO/IEC 27001, an information security management system standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), is invaluable for monitoring, reviewing, maintaining and improving a company’s information security management system.
Marketing Technology News: Top of Mind Networks Adds BombBomb Integration to Surefire CRM
Snowflake’s ISO/IEC 27001:2013 certification further demonstrates its commitment to deliver industrial strength data warehouse security. Snowflake’s end-to-end data security features provide continuous protection, encryption, auditing and monitoring of the infrastructure on which data resides, inherently improving customer data security.
Some of Snowflake’s key security features include:
- Encryption everywhere – Snowflake automatically encrypts all data at rest and in transit.
- Comprehensive protection – Security features include multi-factor authentication, role-based access control, IP address whitelisting, federated authentication and annual rekeying of encrypted data.
- Security validations – SOC 1 Type 2, SOC 2 Type 2, PCI DSS compliance, achieving FedRAMP-Ready status, and support for HIPAA compliance validate the level of security of Snowflake’s cloud data warehouse.
- Tri-Secret Secure – Ensures customer control and data protection by combining a customer-provided encryption key, with a Snowflake-provided encryption key and user credentials.
- Private deployment – Enterprises can get a dedicated and managed instance of Snowflake within a separate AWS Virtual Private Cloud (VPC).
- System for Cross-domain Identity Management (SCIM) – A standard that allows customers to relay changes from an identity that is connecting to Snowflake all the way back to the consuming application. It uses OAuth as a way to pass through identities and is integrated with Snowflake partners like Tableau, Microsoft and Looker.
Lacework, a Snowflake customer and strategic partner, delivers a cloud security platform that combines active cloud resource monitoring, advanced analytics and smart visualization. “Lacework’s complete security platform provides visibility and intrusion detection that helps enterprises keep their data and resources safe,” said Lacework CEO, Dan Hubbard. “It’s crucial that we practice what we preach and partner with companies like Snowflake that share our values of security and innovation. Snowflake’s built-in security features complement and integrate well with Lacework’s internal security controls and quality requirements.”
“Security is rooted in Snowflake’s unique built-for-the-cloud architecture,” Snowflake Vice President of Security, Mario Duarte said. “Gaining the internationally recognized ISO/IEC 27001:2013 certification is another proof point to our customers that Snowflake provides them with best-in-class, standards-based practices to ensure the security of their data. Our goal with initiatives like this is to remove from our customers the complexity and burden of enabling security.”
Marketing Technology News: PMG Launches Marketing Intelligence Platform — Meet Alli