Which industry compliance standards has Snowflake been audited and certified for?

Q: Is Snowflake NIST compliant?

Snowflakes encryption key management conforms to NIST 800-53 and involves regular rotation of encryption keys. Hardware security modules are used to safeguard top-level encryption keys.

Third-party auditors assess the security and compliance of Amazon Redshift as part of multiple AWS compliance programs. These include SOC, PCI, FedRAMP, HIPAA, and others.

Inhaltsverzeichnis Show

Service documents
Snowflake Achieves New HITRUST Risk-based, 2-Year Certification to Manage Risk, Improve Security Posture, and Meet Compliance Requirements
Financial Post Top Stories
Thanks for signing up!
Notice for the Postmedia Network
Which of the following industry compliance standards has Snowflake been audited and certified for?
Which of the following certifications Snowflake is compliant of?
Is Snowflake NIST compliant?
Is Snowflake GxP compliant?

For a list of AWS services in scope of specific compliance programs, see AWS services in scope by compliance program. For general information, see AWS compliance programs.

You can download third-party audit reports using AWS Artifact. For more information, see Downloading reports in AWS Artifact.

Your compliance responsibility when using Amazon Redshift is determined by the sensitivity of your data, your organization's compliance objectives, and applicable laws and regulations. If your use of Amazon Redshift is subject to compliance with standards like HIPAA, PCI, or FedRAMP, AWS provides resources to help:

Security and compliance quick start guides that discuss architectural considerations and steps for deploying security- and compliance- focused baseline environments on AWS.
Architecting for HIPAA security and compliance whitepaper, which describes how companies can use AWS to create HIPAA-compliant applications.
AWS compliance resources, workbooks and guides that might apply to your industry and location.
AWS Config, an AWS service, can assess how well your resource configurations comply with internal practices, industry guidelines, and regulations.
AWS Security Hub, an AWS service, provides a comprehensive view of your security state within AWS that helps you check your compliance with security industry standards and best practices.

The following compliance and security documents cover Amazon Redshift and are available on demand through AWS Artifact. For more information, see AWS Artifact.

Cloud Computing Compliance Controls Catalogue (C5)
ISO 27001:2013 Statement of Applicability (SoA)
ISO 27001:2013 Certification
ISO 27017:2015 Statement of Applicability (SoA)
ISO 27017:2015 Certification
ISO 27018:2015 Statement of Applicability (SoA)
ISO 27018:2014 Certification
ISO 9001:2015 Certification
PCI DSS Attestation of Compliance (AOC) and Responsibility Summary
Service Organization Controls (SOC) 1 Report
Service Organization Controls (SOC) 2 Report
Service Organization Controls (SOC) 2 Report For Confidentiality

Boost Productivity, Accelerate Migration & Minimize Risk Through Active Data Governance. Find & Access Trusted, Governed Data in Snowflake, Which in-turn Drives Adoption & Usage. Top-Rated Data Catalog. 2x Forrester Wave Leader. Drive Data Culture.

Features

Separate Compute/Storage/Services layers allow near infinite scalability
Pay for just the compute/storage you use
Automatic scaling up and down with demand
All data encrypted in transit and at rest
Column based storage for high performance analytics
Browser based UI. No software installation required.
ANSI SQL compliance for wide industry compatibility
SQL extensions to aid parsing of semi-structured data (JSON/XML/Avro/ORC)
Automated handling of routine maintenance (backups, tuning, upgrades, patches etc)
Real time data ingestion from streaming sources (eg Kafka)

Benefits

Consistent performance regardless of number of users or data size
Single sign on using latest industry standards (SAML 2.0, Okta)
Multi-factor authentication configurable for all users.
Individual departments can be recharged based on usage
Automated monitoring and alerting can prevent overspending
Allows simple, secure data sharing with partners or the public
Compatible with a broad range of ETL/Data ingestion tools
Compatible with all major data visualisation tools
Compatible with leading Machine Learning / Data science tools.
SaaS. Snowflake manages all aspects of software installation and updates

Service documents

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at . Tell them what format you need. It will help if you say what assistive technology you use.

News
- Archives
FP Answers
Energy
- Oil & Gas
- Renewables
- Electric Vehicles
Finance
- Banking
- Insurance
- Fintech
- Cryptocurrency
Investor
- Markets
- Personal Finance
  - Family Finance
  - Retirement
  - Taxes
  - High Net Worth
- MoneyWise Canada
Economy
Work
FP Comment
Newsletters
Executive Women
Business Essentials
MoneyWise Canada
- Borrowing Money
- Future Money
- Growing Money
The Logic
More
- Innovation
  - The Funding Portal
- FP Magazine
  - FP500
- Real Estate
- Podcasts
- Video
- Information Technology
- Small Business
  - Entrepreneur
- Commodities
  - Agriculture
  - Mining
- Shopping Essentials
  - Home Living
  - Style & Beauty
  - Kitchen & Dining
  - Personal Care
  - Entertainment & Hobbies
  - Gift Guide
- Sports Betting
- Obituaries
  - Place a Notice
- Classifieds
  - Place a Classifieds ad
  - Working
- Advertise With Us

Profile
Settings
Manage My Subscriptions
Manage My Newsletters
Customer Service
FAQ

News
FP Answers
Energy
Finance
Investor
Economy
Work
FP Comment
Newsletters
Executive Women
Business Essentials
MoneyWise Canada
The Logic

This advertisement has not loaded yet, but your article continues below.

This section is

The content in this section is supplied by Business Wire for the purposes of distributing press releases on behalf of its clients. Postmedia has not reviewed the content.

by Business Wire

PMN Press Releases
Business Wire News Releases

Snowflake Achieves New HITRUST Risk-based, 2-Year Certification to Manage Risk, Improve Security Posture, and Meet Compliance Requirements

With new HITRUST Risk-based, 2-year Certification, Snowflake remains committed to meeting key regulations and protecting sensitive information

No-Headquarters/BOZEMAN, Mont. — Snowflake, the Data Cloud company, today announced that it has achieved HITRUST r2 Certification for information security.

Financial Post Top Stories

By clicking on the sign up button you consent to receive the above newsletter from Postmedia Network Inc. You may unsubscribe any time by clicking on the unsubscribe link at the bottom of our emails. Postmedia Network Inc. | 365 Bloor Street East, Toronto, Ontario, M4W 3L4 | 416-383-2300

Thanks for signing up!

A welcome email is on its way. If you don't see it, please check your junk folder.

The next issue of Financial Post Top Stories will soon be in your inbox.

We encountered an issue signing you up. Please try again

With HITRUST Risk-based, 2-year (r2) Certified status, Snowflake’s Healthcare & Life Sciences Data Cloud has replaced its outgoing certification with a significantly expanded scope and continues to satisfy key regulations and industry-defined requirements for managing healthcare data.This achievement places Snowflake in an elite group of organizations worldwide that have earned this certification. By including federal and state regulations, standards, and frameworks, and incorporating a risk-based approach, the HITRUST Assurance Program helps organizations address security and data protection challenges through a comprehensive and flexible framework of prescriptive and scalable security controls. In addition, HITRUST is a certifiable and recommended framework trusted by many health networks and hospitals to manage risk.

This advertisement has not loaded yet, but your article continues below.

“The Data Cloud, a live, connected ecosystem of healthcare data, promotes better outcomes for patients and provides a reimagined approach to interoperability,” said Jesse Cugliotta, Global Industry Lead – Healthcare and Life Sciences at Snowflake. “Continuing to meet HITRUST standards for health care data ensures that Snowflake is the right partner for healthcare and life science organizations who are looking to unlock the value of their data.”

Snowflake has also joined the HITRUST Shared Responsibility and Inheritance Program offering our customers and business partners a HITRUST Shared Responsibility Matrix® (SRM) to reduce time, effort and costs associated with risk management and data protection assurances by inheriting security controls and sharing prior HITRUST Validated or Certified Assessment results.

This allows customers to deploy business solutions into Snowflake and take advantage of over 400 inheritable controls, which creates efficiencies and time savings for customers looking to leverage Snowflake’s platform and ensure that customer data is protected.

“In today’s ever-changing threat landscape, HITRUST is continually innovating to find new and creative approaches to address challenges,” said Jeremy Huval, Chief Innovation Officer, HITRUST. “Snowflake’s HITRUST Risk-based 2-year Certification is evidence that they are at the forefront of industry best practices for information risk management and compliance.”

For more information on Snowflake’s Health and Life Sciences Data Cloud and HITRUST Program, visit here.

About Snowflake

Snowflake enables every organization to mobilize their data with Snowflake’s Data Cloud. Customers use the Data Cloud to unite siloed data, discover and securely share data, and execute diverse analytic workloads. Wherever data or users live, Snowflake delivers a single data experience that spans multiple clouds and geographies. Thousands of customers across many industries, including 510 of the 2022 Forbes Global 2000 (G2K) as of July 31, 2022, use Snowflake Data Cloud to power their businesses. Learn more at snowflake.com.

View source version on businesswire.com: https://www.businesswire.com/news/home/20221027005223/en/

Contacts

Snowflake
John Bruno
Industry PR Lead

#distro

Notice for the Postmedia Network

This website uses cookies to personalize your content (including ads), and allows us to analyze our traffic. Read more about cookies here. By continuing to use our site, you agree to our Terms of Service and Privacy Policy.

Which of the following industry compliance standards has Snowflake been audited and certified for?

ISO/IEC 27001 The International Organization for Standardization provides requirements for establishing, implementing, maintaining, and continually improving an information security management system. Snowflake's ISO Certificate is available for download by clicking here.

Which of the following certifications Snowflake is compliant of?

In addition, support for ITAR compliance, SOC 2 Type 2, PCI DSS compliance, and support for HITRUST compliance all validate the level of Snowflake security required by industries, and state and federal government.

Is Snowflake NIST compliant?

Snowflake's encryption key management conforms to NIST 800-53 and involves regular rotation of encryption keys. Hardware security modules are used to safeguard top-level encryption keys.

Is Snowflake GxP compliant?

Snowflake is fully GxP compatible, allowing you to implement and manage processes and controls that ensure the data security, availability and integrity needed.