Summary of Security Features

.

Related Topics

Snowflake provides industry-leading features that ensure the highest levels of security for your account and users, as well as all the data you store in Snowflake.

The following table provides a high-level summary of the features, grouped into the following categories:

Features

Snowflake Editions

Network/site access:

  • Site access controlled through IP allow and block lists, managed through network policies.

All

Business Critical Edition (or higher)

  • Private connectivity to Snowflake internal stages using Azure Private Link.

Business Critical Edition (or higher)

User & Group Administration

  • SCIM to manage user identities and groups (i.e. roles).

All

Account/user authentication:

All

  • MFA (multi-factor authentication) for increased security for account access by users.

All

  • OAuth for authorized account access without sharing or storing user login credentials.

All

  • Support for user SSO (single sign-on) through federated authentication.

All

  • Key-Pair Authentication as an alternative to basic authentication (i.e. username and password) and key-pair rotation to support multiple active keys.

All

Object security:

  • Controlled access to all objects in the account (e.g. users, warehouses, databases, tables) through a hybrid model of DAC (discretionary access control) and RBAC (role-based access control).

All

Data security:

  • All ingested data stored in Snowflake tables is encrypted using AES-256 strong encryption.

All

  • All files stored in internal stages for data loading and unloading operations is automatically encrypted using AES-256 strong encryption.

All

Enterprise (or higher)

Business Critical Edition (or higher)

Security validations:

  • Soc 1 Type II compliance.

All

  • Soc 2 Type II compliance.

All

  • Support for HIPAA compliance.

Business Critical Edition (or higher)

  • PCI DSS compliance.

Business Critical Edition (or higher)

Business Critical Edition (or higher)