Companies choose to utilize Snowflake for its analytics capabilities and other beneficial cloud offerings. However, moving data to the cloud poses security risks and demands to follow stricter privacy and data cross border requirements, especially when the data contains personal and sensitive customer information. The privacy requirements have grown rampant and spread widely across the globe following the inception of GDPR in Europe. California had followed with its CCPA law and other countries have adopted their own similar versions of these regulations (including Mexico’s Federal Data Protection Law, LGPD in Brazil, the Personal Data Protection Bill in India, Australia’s Privacy Principle and Data Privacy Act in the Philippines.)
A natural solution would be to encrypt the data on Snowflake, but that requires uploading and storing exposed personal data to Snowflake, causing a potential violation of privacy and security requirements.
SecuPi developed a solution for this challenge by encrypting data on-prem, before it’s uploaded to Snowflake. This allows uploading encrypted data safely to Snowflake (without violating privacy requirements and security needs) and still enjoying the benefits of cloud analytics. Once the data analysis is said and done, it can be accessed again in the clear only by data analysts who have SecuPi with the appropriate policies that allows them to access it.
SecuPi enables to apply “single out” (preventing analysts from querying VIP customers), “max out” (alerting when analysts extracting an abnormal amount of customer data), logical deletion and row, column & cell level anonymization, as well as dynamic masking, providing even more effective and flexible ways for protecting data.
SecuPi was purposely built to comply with all technical articles of the different privacy regulations mentioned above and data cross border controls, ensuring access on a “need-to-know” basis while adhering to security by design, customer consent and “right to be forgotten” attributes.
Watch this video to see how the SecuPi solution for Snowlake works: