Is Data Secure When Stored in the Cloud?
Sep 10, 2018
Author: Marta Bright
A growing number of data-driven companies are making the switch to cloud data warehouses. The benefits of doing so are obvious: flexible capacity scaling, fewer administrative headaches and better performance at a fraction of the cost. As cloud storage becomes more common, however, data security is an increasing concern.
Is data stored in the cloud secure? What attributes should you look for in a cloud data warehouse vendor? Is it even possible to verify the vendor’s commitment to data protection?
If you’re asking questions like these, perhaps it’s time to dig a little deeper.
Who Guarantees the Data Security?
As you begin to evaluate cloud data warehouses (or, for that matter, any other vendor responsible for housing your data), it’s vital to obtain independent verification of consistently enforced security controls, such as data encryption and protection. Requesting a copy of the vendor’s SOC 2, Type II report for the prior 12-month period is a good place to start. Verifying PCI DSS certification and HIPAA compliance may also be pertinent, depending on your company’s data. In addition, data warehouse providers should certify the compliance of their own vendors. If a vendor is unwilling or unable to provide such documentation, you should probably keep looking.
Maximizing Cloud Data Security
Ensuring cloud security doesn’t end with the vendor’s compliance reports. Reliable vendors design user-level features aimed at maximizing cloud data security for their customers.
For example, our Snowflake data warehouse-as-a-service offers a robust suite of user-level security features that include:
Automatic Enforcement of Minimum Password Policies: One weak password could be enough to threaten your entire organization’s data. A secure cloud data warehouse enforces minimum password policies by design and keeps users in compliance.
Multi-Factor Authentication: With cyber threats as prevalent as ever, smart businesses seek out systems that utilize multi-factor authentication. By authenticating with biometrics, one-time password tokens and knowledge questions, your company gains significant control over user and device accessibility.
Fine-Grained Access Control Framework: Your company needs full transparency into who is accessing the data. In a cloud environment, this is best achieved through an access control framework that delivers a flexible, role-based approach to managing users and securable objects.
IP Whitelisting & Blacklisting: Enabling whitelists for verified users and blacklists for attackers is an important step in maintaining a secure, yet accessible data ecosystem. Your data warehouse should provide an intuitive solution for defining and enforcing network policies.
Don’t Compromise on Data Warehouse Security
Security isn’t something you should compromise on, especially when it comes to storing and accessing your company’s data. If you’re ready to try a warehouse that’s built for cloud security, read more about our best-in-class compliance initiatives and attestations, including SOC 2, Type II, along with our PCI DSS certification and HIPAA compliance.
Start your 30-day free trial and receive $400 of credits to try all of Snowflake’s features.