Webinar: Addressing Advanced Data Protection & Compliance in Snowflake
Jonathan Sander, Security Field CTO Snowflake, Ramu Kalvakuntla Chief Architect Clarity Insights joined Alon Rosenthal, co-founder and CEO SecuPi to record a webinar that captures their cumulative experience and best practices from implementing data protection, CCPA, GDPR compliance and Geo-fencing controls across dozens of large Snowflake and Big data customers worldwide.
Many organizations today struggle to prevent data leakage through privileged abuse and credential theft while addressing key data privacy regulations such as the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Both challenges were addressed by introducing three new data protection approaches now available for Snowflake customers worldwide::
- Adding an additional fine-grained data access authorization layer that kicks in with the encryption of PII, PCI and PHI columns at ingestion time – ensuring all regulated data is encrypted in Snowflake while keeping encryption keys exclusively ON-PREM! (Complementary to the existing Snowflake file-level encryption protection).
A second overlay is added on all consumption points (e.g., on Tableau, Qlick, BO, Cognos, custom analytics applications, Snowflake CLI and Web Tools) decrypting back the sensitive data only to authorized users while adhering to different attributes including risk, legal basis and data subject consent.
- A second data protection approach was demonstrated in which all sensitive user activity is audited and monitored in real-time, labeled according to the actual data values exposed and assigned a risk score.
- As authorization granted to end-users and administrators can be abused by careless or malicious insiders and stolen by hackers, a third approach utilizes SecuPi User Behavior Analytics module with self and peer comparison detects and applies real-time remediation once trends are detected and thresholds are crossed.