Snowflake Security and Cost Management: Health Checks

Data

Snowflake Security and Cost Management: Health Checks

This series takes you from zero to hero with the latest and greatest cloud data warehousing platform, Snowflake.

As many are already aware, there has recently been a lot of noise about security on the Snowflake platform. On June 2nd, 2024, Snowflake issued this statement regarding a targeted threat campaign against some Snowflake customer accounts. This appeared to be a targeted campaign directed at users with single-factor authentication, where threat actors leveraged credentials previously purchased or obtained through infostealing malware. It’s important to note that their investigation has not discovered any vulnerabilities, exposure or misconfiguration in Snowflake directly, but rather the attack seems to leverage passwords that were retrieved by threat actors outside of Snowflake and then used in attempts to log into various accounts and websites.

As a response to this incident, Snowflake is repeating their best practice suggestions that all customers review their own security configurations and ensure sufficient security hardening is in place. This includes:

  • Reviewing your security and user lifecycle policies:
    • Password rotation
    • Password policies
    • Stale account review
    • Etc.
  • Ensuring that MFA is enabled on all user accounts (not just the ones with admin-level access)
  • Ensuring network policies are in place that limit the access to Snowflake down to specific IP addresses or subnets where possible, especially for service principals
  • Leveraging SSO where possible

Snowflake’s security hardening documentation in response to this risk can be found here. They have included scripts that can be executed to detect if your account was compromised, as well as steps to review your security and harden it against these types of attacks.

It is important to point out that whilst this is an excellent step in ongoing security automation, it lacks the same depth and breadth of experience as trusted Snowflake experts, such as InterWorks. If you require assistance in optimising your Snowflake environment, not only tightening the security but also optimising the architecture and improving cost efficiency, our Snowflake Health Check solution is ideally positioned to support you. If you have any requirements beyond this, we can support you to find and implement the appropriate solution.

What Is an InterWorks’ Snowflake Health Check?

In one sentence, this is a useful solution for any customer who is interested in reviewing that their Snowflake environment is following best practices for both security hardening and cost optimisation.

Even though Snowflake has an excellent services layer that removes a lot of the general admin involved in maintaining your data platform, there are still plenty of opportunities for cost optimisation and security hardening. Instead of failing to match compute needs with cost constraints, worrying that the right people have the right permissions or stressing about whether your environment is secure, let our team of expert data architects perform a Snowflake Health Check to ensure your Snowflake environment is following best practices.

A Snowflake Health Check is an opportunity for Snowflake customers to have their Snowflake instance evaluated by our certified experts. During the health check, a Snowflake-certified expert from our team will leverage a combination of Snowflake’s Trust Center scans and our own in-house scripts to identify areas where best practices could be implemented, including opportunities for cost savings and potential security risks.

This solution applies to any customer that is using Snowflake and wants reassurance on either their security hardening or their cost effectiveness. The Snowflake Health Check will help identify opportunities to match compute needs with cost constraints, ensure the right people have the right permissions and verify that the Snowflake environment(s) have security hardening that follows best practices.

Expected Outcomes

At the end of a Snowflake Data Health check for a customer, they will receive a report that details how their environment has been performing, combined with recommendations on how to improve their environment. Recommendations include savings, which we have seen can be as high as 30% in credit consumption reduction.

Within the report, the client will be provided with recommendations on how to ensure they do not have any vulnerabilities related to security hardening or access control issues. Anything that is easily fixed within the engagement time will be actioned by our team where possible.

Our experts will apply any quick fixes we find as we go, and work with you to plan any wider changes.

Why InterWorks?

InterWorks is a full-service, BI and IT consulting firm specializing in data-driven business solutions. Our team’s world-class expertise will help you find the right answers. At InterWorks, our global bench brings familiarity and expertise across a wide range of technologies, analytics paradigms and industry verticals. InterWorks can help you throughout the full continuum of analytics development and data engineering needs. Whether it’s transforming datasets, applying thoughtful dashboard design and UX, going deeper with machine learning and data science, or simply deploying analytics environments, we have you covered. As a regular partner of the year among partners like Tableau, Snowflake, Matillion and more, InterWorks boasts one of the largest and most talented teams of data and analytics consultants in the world.

Our Snowflake Partnership

We have a long-standing partnership with Snowflake, which includes multiple Partner of the Year awards across several regions over several years. Here are some examples:

You can also view our main page about our Snowflake partnership.

Our Demonstratable History

We have a strong history in supporting customers with their Snowflake architecture directly, which you can see from our case studies, and we regularly share our knowledge through our blog. Here are some particularly relevant articles when it comes to the security of your Snowflake environment:

Contact Us

Interested in an InterWorks’ Snowflake Health Check? Then contact us here.

KeepWatch by InterWorks

Whether you need support for one platform or many, our technical experts have you covered.

More About the Author

Chris Hastie

Data Lead
Querying Stock Data with an API Query Profile in Matillion ETL Matillion ETL is a GUI-based orchestration and transformation tool for data movement that has many functionalities, including querying ...
Snowflake External Access: Retrieve Data from an API Recently, Snowflake released external access integrations into general availability. This allows Snowflake admins to create secure ...

See more from this author →

InterWorks uses cookies to allow us to better understand how the site is used. By continuing to use this site, you consent to this policy. Review Policy OK

×

Interworks GmbH
Ratinger Straße 9
40213 Düsseldorf
Germany
Geschäftsführer: Mel Stephenson

Kontaktaufnahme: markus@interworks.eu
Telefon: +49 (0)211 5408 5301

Amtsgericht Düsseldorf HRB 79752
UstldNr: DE 313 353 072

×

Love our blog? You should see our emails. Sign up for our newsletter!