Getting started with the Trust Center

You can use the Trust Center to check for common security risks in your Snowflake account, and get recommendations on how to remediate those risks.

Enable the CIS Benchmarks scanner package

Complete the following steps to enable the CIS Benchmarks scanner package:

  1. Sign in to Snowsight.

  2. Switch to a role with the requirements to access the Trust Center.

  3. In the navigation menu, select Monitoring » Trust Center.

  4. Select a warehouse.

  5. Select Scanner Packages.

  6. Select CIS Benchmarks.

  7. Select Enable and then Continue.

After you enable the scanner package, you can enable or disable individual scanners in the scanner package. You can also change the schedule of individual scanners in the scanner package.

Enable the Threat Intelligence scanner package

Complete the following steps to enable the Threat Intelligence scanner package:

  1. Sign in to Snowsight.

  2. Switch to a role with the requirements to access the Trust Center.

  3. In the navigation menu, select Monitoring » Trust Center.

  4. Select a warehouse.

  5. Select Scanner Packages.

  6. Select Threat Intelligence.

  7. Select Enable and then Continue.

After you enable the scanner package, you can enable or disable individual scanners in the scanner package. You can also change the schedule of individual scanners in the scanner package.

Ensure multi-factor authentication (MFA) is enforced for all human users using password-based authentication

  1. Sign in to Snowsight.

  2. Switch to a role with the requirements to access the Trust Center.

  3. In the navigation menu, select Monitoring » Trust Center.

  4. Ensure you have enabled the CIS Benchmarks scanner package.

  5. Select Findings.

  6. Above the list of violations, select Search.

  7. In the Search box, enter multi-factor authentication.

  8. Under the Violation column, select Ensure multi-factor authentication (MFA) is turned on for all human users with password-based authentication.

    A side panel opens.

  9. In the side panel, select Remediation, and follow the guidance.

Find over-privileged roles

  1. Sign in to Snowsight.

  2. Switch to a role with the requirements to access the Trust Center.

  3. In the navigation menu, select Monitoring » Trust Center.

  4. Ensure you have enabled the CIS Benchmarks scanner package.

  5. Select Findings.

  6. Above the list of violations, select Search.

  7. In the Search box, enter snowflake tasks.

  8. Under the Violation column, select Ensure that Snowflake tasks do not run with the ACCOUNTADMIN or SECURITYADMIN role privileges.

    A side panel opens.

  9. In the side panel, select Remediation, and follow the guidance.

Ensure the number of users with the ACCOUNTADMIN and SECURITYADMIN system roles is limited

  1. Sign in to Snowsight.

  2. Switch to a role with the requirements to access the Trust Center.

  3. In the navigation menu, select Monitoring » Trust Center.

  4. Ensure you have enabled the CIS Benchmarks scanner package.

  5. Select Findings.

  6. Above the list of violations, select Search.

  7. In the Search box, enter limit the number of users.

  8. Under the Violation column, select Limit the number of users with ACCOUNTADMIN and SECURITYADMIN.

    A side panel opens.

  9. In the side panel, select Remediation, and follow the guidance.

Find users who have not logged in for 90 days

  1. Sign in to Snowsight.

  2. Switch to a role with the requirements to access the Trust Center.

  3. In the navigation menu, select Monitoring » Trust Center.

  4. Ensure you have enabled the CIS Benchmarks scanner package.

  5. Select Findings.

  6. Above the list of violations, select Search.

  7. In the Search box, enter did not log in.

  8. Under the Violation column, select Ensure that users who did not log in for 90 days are disabled.

    A side panel opens.

  9. In the side panel, select Remediation, and follow the guidance.
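
To cross-check the two findings above (ACCOUNTADMIN and SECURITYADMIN membership, and users inactive for 90 days) outside the Trust Center UI, the following query is an added example; it is not part of the original page and is not the scanner's own logic. It assumes the current role can read the SNOWFLAKE.ACCOUNT_USAGE.USERS and GRANTS_TO_USERS views, whose data can lag behind real time.

```sql
-- Added example (not Snowflake's scanner query): list active users who
-- hold ACCOUNTADMIN or SECURITYADMIN, or have had no successful login
-- for 90 days, so stale admin accounts can be reviewed first.
WITH admin_grants AS (
    -- One row per user with the admin roles currently granted to them.
    SELECT grantee_name,
           LISTAGG(DISTINCT role, ', ') WITHIN GROUP (ORDER BY role) AS admin_roles
    FROM snowflake.account_usage.grants_to_users
    WHERE role IN ('ACCOUNTADMIN', 'SECURITYADMIN')
      AND deleted_on IS NULL            -- ignore revoked grants
    GROUP BY grantee_name
)
SELECT u.name,
       u.created_on,
       u.last_success_login,
       DATEDIFF('day', u.last_success_login, CURRENT_TIMESTAMP()) AS days_since_login,
       g.admin_roles
FROM snowflake.account_usage.users AS u
LEFT JOIN admin_grants AS g
       ON g.grantee_name = u.name
WHERE u.deleted_on IS NULL              -- ignore dropped users
  AND NOT u.disabled::BOOLEAN           -- already-disabled users are compliant
  AND (
        -- Last successful login is older than 90 days.
        u.last_success_login < DATEADD('day', -90, CURRENT_TIMESTAMP())
        -- Never logged in, and the account itself is older than 90 days.
        OR (u.last_success_login IS NULL
            AND u.created_on < DATEADD('day', -90, CURRENT_TIMESTAMP()))
        -- Holds a high-privilege system role, regardless of activity.
        OR g.admin_roles IS NOT NULL
      )
ORDER BY g.admin_roles IS NULL,         -- admin role holders first
         days_since_login DESC NULLS FIRST;
```

Rows with both a non-null `admin_roles` value and a large or null `days_since_login` are the accounts that appear under both findings.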

Find risky users and mitigate authentication risks

  1. Sign in to Snowsight.

  2. Switch to a role with the requirements to access the Trust Center.

  3. In the navigation menu, select Monitoring » Trust Center.

  4. Ensure you have enabled the Threat Intelligence scanner package.

  5. Select Findings.

  6. Above the list of violations, select Search.

  7. In the Search box, enter Ensure that every user is subject to an authentication policy.

  8. Under the Violation column, select Ensure that every user is subject to an authentication policy that requires MFA enrollment.

    A side panel opens.

  9. In the side panel, select Remediation, and follow the guidance.

For more information, see the following resources:

Next steps