Snowflake Achieves ISO Certification to Help Keep Data Safe

SAN MATEO, Calif., June 26, 2019  — Snowflake, the data warehouse built for the cloud, today announced that it has added ISO/IEC 27001:2013 certification to its list of security capabilities as part of the company’s continuous efforts to provide secure data environment for customers. Compliance with ISO’s internationally recognized standard confirms that Snowflake’s security management program is comprehensive and adheres to leading practices.

ISO/IEC 27001, an information security management system standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), is invaluable for monitoring, reviewing, maintaining and improving a company’s information security management system.

Snowflake’s ISO/IEC 27001:2013 certification further demonstrates its commitment to deliver industrial strength data warehouse security. Snowflake’s end-to-end data security features provide continuous protection, encryption, auditing and monitoring of the infrastructure on which data resides, inherently improving customer data security.

Some of  Snowflake’s key security features include:

• Encryption everywhere – Snowflake automatically encrypts all data at rest and in transit.
• Comprehensive protection – Security features include multi-factor authentication, role-based access control, IP address whitelisting, federated authentication and annual rekeying of encrypted data.
• Security validations – SOC 1 Type 2, SOC 2 Type 2, PCI DSS compliance, achieving FedRAMP-Ready status, and support for HIPAA compliance validate the level of security of Snowflake’s cloud data warehouse.
• Tri-Secret Secure – Ensures customer control and data protection by combining a customer-provided encryption key, with a Snowflake-provided encryption key and user credentials.
• Private deployment – Enterprises can get a dedicated and managed instance of Snowflake within a separate AWS Virtual Private Cloud (VPC).
• System for Cross-domain Identity Management (SCIM) – A standard that allows customers to relay changes from an identity that is connecting to Snowflake all the way back to the consuming application. It uses OAuth as a way to pass through identities and is integrated with Snowflake partners like Tableau, Microsoft and Looker.

Lacework, a Snowflake customer and strategic partner, delivers a cloud security platform that combines active cloud resource monitoring, advanced analytics and smart visualization. “Lacework’s complete security platform provides visibility and intrusion detection that helps enterprises keep their data and resources safe,” said Lacework CEO, Dan Hubbard. ”It’s crucial that we practice what we preach and partner with companies like Snowflake that share our values of security and innovation. Snowflake’s built-in security features complement and integrate well with Lacework’s internal security controls and quality requirements.”

About Snowflake Inc.

Snowflake is the data warehouse built for the cloud, enabling the data-driven enterprise with instant elasticity, secure data sharing and per-second pricing, across multiple clouds. Snowflake combines the power of data warehousing, the flexibility of big data platforms and the elasticity of the cloud at a fraction of the cost of traditional solutions. Snowflake: Your data, no limits. Find out more at snowflake.com.

Source: Snowflake Inc.