Unified Data Security for Snowflake

Supercharge your data security and access governance with Snowflake and Privacera

Privacera, in partnership with Snowflake, delivers a superior data security and access governance solution by allowing organizations using Snowflake to provide advanced data security capabilities that allow:

• Greater data security.
• Easier creation and management of compliance rules.
• Ability to federate data security in order to allow data stewards to determine who can access what data for what purpose to remove IT bottlenecks, while having global data access and protection controls to maintain consistent data security and compliance.
• Faster on-boarding of data and users.
• Unified data security and access governance environment to build data security policies once, and deploy them to all your Snowflake and non-Snowflake data sources, simplifying and consistently applying data security governance policies

Increase your Snowflake data security

Data security and access control policies built in Privacera are natively enforced in Snowflake and allows Snowflake environments to take advantage of Privacera’s advanced data security capabilities. With Privacera, data security and access control policies can be built with user attributes, which can be synced with IAM or active directory solutions, which allows organizations to define user attributes in a single system and use them with tag-based and resource-based data security and access controls, providing greater automation and security to the Snowflake environment.

For instance, location attributes can be used to meet data residency rules or for geo-fencing data access, or if an data consumer changes functions or takes on more responsibilities, changes to their business function, department, or sensitive data access authorization can be immediately synced and captured in Privacera, providing near instant updates to what data they have access to and what masking/encryption protections are applied to sensitive data that they are authorized to access.

Simplify creation and management of data compliance rules

Privacera allows for data privacy and compliance rules to be created once using our compliance workflows and applied across your Snowflake environment, greatly simplifying implementation of regulations, such as GDPR, RTBF, CCPA, and HIPPA. And as rules evolve and modifications to security and access policies are needed, just update the relevant compliance workflow once and it is immediately applied across your entire data estate.

Federate data security and access governance

To remove IT bottlenecks and to streamline data security and access, Privacera supports a shared approach to data security and access governance, between security teams, data infrastructure owners and the business teams that have deep knowledge about the data. With the Privacera and Snowflake partnership, this federated approach to data security and access governance can be implemented in Privacera and applied to your Snowflake environment.

Virtual business data domains can be created in Privacera, for instance a virtual marketing data domain. The benefits of a virtual business domain is that data does not need to be duplicated or moved, greatly eliminating the need for data proliferation, while Privacera working natively with Snowflake ensures proper security, access, and ownership is enforced. Data security and access responsibilities can be delegated to business data stewards or owners, thus allowing the business to implement business or functional specific security and access controls, as well as approval workflows, removing IT bottlenecks to data access and greatly enhancing data availability.

In addition, Privacera allows global data security and access controls to be centrally implemented, typically leveraging a combination of Attribute-Based Access Controls (ABAC), Tag-Based Access Controls (TBAC), and Resource-Based Access Controls (RBAC), which provide security and access guardrails to ensure that all corporate level data security and access policies are automatically enforced independently of the actions of data owners and stewards. For instance, a data classification policy that only individuals with a certain classification level can access certain sensitive data in the clear, while it will be masked or encrypted for everybody else, can be created at a global level, ensuring that the sensitive data is always protected from unauthorized access, even if a data steward grants access to an unauthorized data consumer. The Privacera Snowflake solution provides a secure federated approach to data security and access, allowing organizations to get the most value out of their data, while maintaining a robust data security framework.

Unify data security for Snowflake and your entire data estate

Privacera delivers greater data security and access governance to your Snowflake environment, but many organizations have complex data and analytics ecosystems that contain other data services. Privacera as a Unified Data Security Platform supports over 50 data, governance, and security connectors and integrations, which allow you to create data security and access policies once and apply them across your entire Snowflake and non Snowflake data ecosystem, simplifying data security and access management, while ensuring consistent application of data security and access controls across your entire data estate.

Global policies using user attributes and data attributes (tags and classifications) can be applied no matter what source the data resides in and data stewardship virtual business data domains can be created across diverse data services, allowing a data stewardship model to be applied no matter where the data resides.

And Privacera Data Discovery and masking/encryption works across diverse data services as well, allowing consistent data tagging and classification rules to be applied consistently, as well as consistent application of data protection rules. With Privacera’s Unified Data Security Platform you can manage data security and access governance easily across your entire data estate.

On-board new data and users into Snowflake, faster

When you are using Privacera to manage data security and access governance across your entire data estate, on-boarding new data and users into Snowflake is greatly accelerated, since existing data security and access policies can simply be applied to the new data and users, no need to create new policies or controls.

New data can also be automatically scanned for sensitive data, and tagged or classified, allowing for sensitive data policies to be applied. In addition, since Privacera is based on open standards, any legacy systems that manages data access via Apache Ranger can simply lift and shift data access policies from Apache Ranger to Privacera, removing access policy migration out of the critical path for any data modernization, migration, or on-boarding initiatives. When new users are added, Privacera accelerates their time to insights, by allowing existing data security and access controls to be applied to the new user, which can be automated using user attributes synced directly with IAM or active directory solutions.