Snowflake, a leading AI data cloud company, has significantly strengthened its commitment to protecting customer data while enabling powerful AI capabilities. CEO Sridhar Ramaswamy emphasized that customer data remains exclusively theirs and is never used by Snowflake for AI training purposes. The company assures customers that their data and any AI solutions built upon it are solely used to respond to their queries. Snowflake’s robust security measures, including mandatory two-factor authentication, dark web monitoring, and its recent ISO 42001 certification, showcase its focused strategy to safeguard data amid rapidly evolving AI technologies.
Enhanced Authentication and Security Measures
To improve data security, Snowflake has implemented mandatory two-factor authentication for all accounts, incorporating modern biometric methods like Face ID. Brad Jones, Snowflake’s Chief Information Security Officer, highlighted the company’s plan to phase out legacy single-factor authentication, aiming to establish a more secure environment for its customers. Beyond authentication, Snowflake introduced passwordless options such as passkeys and programmatic access tokens, alongside support for various authenticators including Google Authenticator.
An innovative security feature, “leak password protection,” actively scans the dark web for leaked credentials associated with Snowflake accounts. If compromised credentials are detected, Snowflake proactively locks the affected accounts, preventing unauthorized access and safeguarding customer data. This approach reflects Snowflake’s “shared destiny” model, which emphasizes proactive responsibility in protecting customer information rather than relying solely on traditional shared responsibility frameworks.
Governance and AI Security
Snowflake’s AI governance is strengthened by its recent achievement of ISO 42001 certification, an international standard for AI governance. This certification required the company to establish comprehensive policies and controls ensuring responsible AI usage. Snowflake’s unified platform architecture ensures that existing data governance and security controls automatically apply to AI workloads, preserving consistency across data access and masking protocols.
Addressing AI-specific threats such as prompt injection and adversarial inputs, Snowflake offers Cortex Guardrails, which protect AI systems from malicious prompts and ensure responsible behavior. Recognizing AI’s dual nature as both an opportunity and a risk, Snowflake employs continuous red team testing and advanced machine learning models to detect suspicious activity quickly. The company remains committed to evolving its security tools through its Trust Centre platform, promising ongoing innovation to protect customers in a complex cybersecurity landscape.
