Proofpoint completes acquisition of Normalyze. Read more.
What is DSPM?

FEATURED

Gartner® Innovation Insight: Data Security Posture Management
Get Report
PLATFORM
The Normalyze Platform
Supported Environments
Platform Benefits
Solution Differentiators
Data Handling for DSPM
USE CASES

Reduce Data Access Risks

Enforce Data Governance
Eliminate Abandoned Data

Secure PaaS Data

Enable Use of AI

DSPM for Snowflake

MARKETS

Healthcare
Retail
Technology
Media
M&A

FEATURED

DSPM Buyer's Guide: Report
DSPM Buyer's Guide

A toolkit to help gather internal DSPM requirements and evaluate vendors

Get Your Copy

FEATURED

CYBER 60: The fastest-growing startups in cybersecurity
Get Report

Empowering Snowflake Users Securely

Joe Gregory

October 23, 2024

Two security leaders address data sprawl, user access, compliance, and scale

I recently moderated a webinar titled Unlocking the Power of Snowflake about the top challenges organizations face today: how to maximize their Snowflake investment, provide secure user access, and address the challenges of data sprawl and visibility, compliance, and scale. With 86% of tech leaders acknowledging that their cloud systems generate more data than their teams can handle efficiently​, it’s clear that the complexity of managing and securing data is only growing.

Our discussion featured two data security experts with real-world experience:

Both speakers offered personal insights into how their organizations are using Snowflake to address these challenges. They shared thoughtful strategies for controlling data access, ensuring compliance, and scaling data security in an increasingly complex cloud ecosystem.

Addressing Initial Data Security Challenges in Snowflake

One of the first things that came up in my discussions with Anoop and Josiah was the challenge of data sprawl when they initially adopted Snowflake. Both of them faced the same issue—keeping track of where data was stored and who had access to it as their environments grew. Anoop explained that at Sigma, they immediately focused on role-based access control (RBAC) and data encryption to manage this. As they scaled, the complexity increased, but with tools like Snowflake’s built-in governance features and Normalyze’s DSPM, they were able to stay ahead of the sprawl.

What really stood out to me from Josiah’s experience at Audacy was how easily Snowflake can become difficult to manage if you don’t have the right governance structures in place from the start. Snowflake’s ease of use is a double-edged sword—it makes things faster but can lead to over-provisioning. Josiah mentioned that their data team worked closely with their infrastructure team to ensure that access management was handled with the right controls and foresight.

Balancing Data Access Governance and Business Needs

Anoop and Josiah also shared how they’ve managed to reduce risks without limiting business functionality. For both Sigma and Audacy, RBAC was essential, but they didn’t stop there. Anoop talked about the importance of automating access reviews—instead of manually tracking who had access to what, they used tools to continuously monitor and adjust privileges as needed. This ensured users had the access they needed, but no more than that.

Josiah mentioned a key insight: data tagging. Audacy set up tagging protocols early on to manage data access more effectively, ensuring that each dataset was appropriately classified. That helped them maintain a balance between security and user access, preventing unnecessary delays for their teams.

Regulatory Compliance as a Driver of Strategy

Both experts made it clear that regulatory compliance shaped a lot of their Snowflake strategies. Anoop explained that GDPR and SOC 2 requirements were central to how they set up their access controls, encryption, and audit logs. By building in these elements from the beginning, they ensured that compliance audits were easier to handle. He noted that using real-time monitoring to track who accessed sensitive data made responding to audit requests far less stressful.

Josiah brought up a related point: compliance isn’t just about being reactive. They also design their governance framework with future compliance in mind. By implementing least privilege access and zero trust policies early, Audacy is prepared to adapt to new or more stringent regulations as they arise, making future audits less daunting.

Best Practices for Companies New to Snowflake

For companies just starting their Snowflake journey, both Anoop and Josiah had some practical advice. Anoop emphasized the importance of setting up multi-factor authentication (MFA) and using identity management systems like Okta to automate user provisioning. He also advised against giving users direct access to sensitive data—stick to roles, which can scale more easily as the company grows.

Josiah mentioned something I found particularly interesting: it’s important to avoid overcomplicating your setup in the beginning. He recommended starting with basic functional roles and scaling access from there. The simplicity of that approach prevents your system from becoming a nightmare later, especially when you start dealing with hundreds or thousands of users.

Scaling Security with Data Growth

As their data volumes increased, both Sigma and Audacy had to figure out how to keep up with data security without sacrificing operational efficiency. Anoop highlighted how automation has been key at Sigma—automating security controls like access management and data classification allowed them to keep pace with their growth while maintaining security.

Josiah echoed that sentiment, noting that clear communication between security and data teams was critical for Audacy. By keeping security protocols in place that didn’t slow down the team’s ability to work, they maintained the speed and agility necessary to scale, especially as they start working with AI-driven workflows. Both emphasized that Snowflake’s scalability is a strength, but only if you build your security frameworks to grow with it.

Final Thoughts

This conversation with Anoop and Josiah left me with a lot to think about. Managing data security at scale requires not only the right tools but also the right mindset—starting with a strong foundation, automating wherever possible, and always planning for future growth. Snowflake offers enormous power and scalability, but it’s the strategies and practices behind it that make all the difference.

For a deeper dive into these topics, watch the on-demand webinar, Unlocking the power of Snowflake, and read how Normalyze protects Snowflake environments.

Joe Gregory

Joe is a seasoned executive with a proven track record of delivering exceptional customer support and driving innovation for enterprise technologies. Prior to Normalyze, he spent 10+ years at Qualys (NASDAQ: QLYS), leading their Global Customer Support operations. Joe was an integral part of the release and support of over 20 new products while overhauling the entire customer experience. With an additional 13 years as an Electronic Warfare Specialist in the US Air Force, Joe brings a unique perspective and is a vocal champion for end users.