Snowflake Computing, a start-up based in San Mateo, California, has achieved HIPAA compliance with its cloud data warehousing service. Specifically, Snowflake has received key third-party validations of its service and processes, including a Service Organization Control (SOC) 2 Type II report and HIPAA compliance. SOC 2 is an industry standard that validates the security of infrastructures and services for cloud-based service providers.
"With organizations increasingly looking to the cloud, security has become a focal point of today's data storage conversation and concern," said Bob Muglia, CEO of Snowflake Computing. "To date, database offerings have put the burden of security on the customer, leaving them to configure, manage, and monitor infrastructure, data, and application security. Snowflake has brought world-class security expertise to designing security into our service from the start, going above and beyond other offerings to relieve users of this burden so that they can focus on solving business problems rather than suffer the headaches of security management."
Snowflake's key feature set:
- Always-on Enterprise grade encryption. Snowflake automatically encrypts all customer data by default, in transit and at rest, using the latest security standards and best practices at no additional cost.
- Multi-factor authentication. Snowflake offers integrated multi-factor authentication, to further control access to the Snowflake service, and to reduce the threat of brute force attacks.
- Federated Services. Snowflake offers federated services for organizations that want to leverage their existing SAML 2.0 investments.
- Automatic key management. Snowflake rotates account and table keys on a regular basis, entirely transparent to the customer and requiring no configuration or management.
- Intrusion Detection. Integrated SIEM services for monitoring and notifying customers of potential suspicious activities to help them thwart attacks.
- Role based access. Snowflake allows role based access and control for both data access and operation.
- Dedicated Instances. For customers with sensitive data who need added security including compliance requirements in a virtualized environment, Snowflake offers the option of dedicated compute resources.
http://www.snowflake.net