Following a raft of high-profile data breaches of poorly secured Snowflake servers, the company has announced administrators can now enforce multifactor authentication.
Cloud storage firm Snowflake has responded to a string of data breaches of its customers’ cloud instances by adding several new security features.
“Snowflake is committed to helping customers protect their accounts and data,” said Snowflake principal product manager Anoosh Saboori and chief information security officer Brad Jones in a 9 July blog post.
“That’s why we have been working on product capabilities that allow Snowflake admins to make multifactor authentication (MFA) mandatory and monitor compliance with this new policy.”
The new features revolve around three principles: prompt, enforce, and monitor.
From today, Snowflake will actively prompt users to enable multifactor authentication when they log on. The prompt will guide users through setting up MFA, and while users can dismiss it, it will pop up again within three days.
On the enforcement angle, administrators will be able to set up an option in Snowflake Authentication Policies to make MFA a requirement for all users. Admins will have control over the scope of this process when it comes to single sign-on users. The policy can also be set at a per-user level.
Finally, Snowflake has announced the general availability of both the Trust Center Security Essentials and the Trust Center CIS Benchmarks scanner packages. These monitor MFA compliance and can detect “overprivileged entities, stale users who have not logged in for the past 90 days, ACCOUNTADMIN grants and more”.
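As an added illustration (not taken from Snowflake's blog post or from this article's sources), the enforcement and monitoring steps described above could look like the following in Snowflake SQL. The policy and user names are hypothetical, and the final query is a hand-written check against the ACCOUNT_USAGE.USERS view, not the Trust Center scanner itself.

```sql
-- Added example. Hypothetical names: require_mfa_policy, svc_keypair_policy, SVC_LOADER.
-- Run in a database/schema where your role may create authentication policies.

-- Weak starting point: no authentication policy is set, so MFA enrollment
-- is left to each user and the prompt can be dismissed.

-- 1. Enforce: require MFA enrollment. Scoping MFA to PASSWORD logins leaves
--    single sign-on (SAML) users to the identity provider's own MFA.
CREATE AUTHENTICATION POLICY IF NOT EXISTS require_mfa_policy
  MFA_ENROLLMENT = REQUIRED
  MFA_AUTHENTICATION_METHODS = ('PASSWORD')
  COMMENT = 'Human users must enroll in MFA for password logins';

-- 2. Apply the policy to every user in the account.
ALTER ACCOUNT SET AUTHENTICATION POLICY require_mfa_policy;

-- 3. Per-user scope: a service account that cannot answer an MFA prompt
--    gets its own policy restricted to key-pair authentication.
--    A policy set on a user takes precedence over the account-level one.
CREATE AUTHENTICATION POLICY IF NOT EXISTS svc_keypair_policy
  AUTHENTICATION_METHODS = ('KEYPAIR')
  MFA_ENROLLMENT = OPTIONAL
  COMMENT = 'Service accounts: key-pair only, no password login';

ALTER USER SVC_LOADER SET AUTHENTICATION POLICY svc_keypair_policy;

-- 4. Monitor: list active users who can still log in with a password but
--    have no MFA enrolled, and flag those with no successful login in the
--    past 90 days. ACCOUNT_USAGE views lag behind real time, so recent
--    changes may not appear immediately.
SELECT
    name,
    has_password,
    ext_authn_duo                       AS mfa_enrolled,
    last_success_login,
    (last_success_login IS NULL
     OR last_success_login < DATEADD(day, -90, CURRENT_TIMESTAMP()))
                                        AS stale_90_days
FROM snowflake.account_usage.users
WHERE deleted_on IS NULL
  AND has_password = TRUE
  AND ext_authn_duo = FALSE
ORDER BY stale_90_days DESC, name;
```

Confirm at least one administrator has enrolled in MFA before applying the account-level policy, so the change does not interrupt access for the people who would need to adjust it.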
“Snowflake is committed to continuing its investment into technology and tools that help our customers increase their security. Soon, Snowflake will require MFA for all human users in newly created Snowflake accounts,” Saboori and Jones said.
“We recommend that all customers start using MFA authentication policies and Trust Center now to prepare their environments, and watch for additional features in the coming months.”
Cyber security researcher Kevin Beaumont welcomed the move.
“This solves all the inherent product weaknesses from the prior setup, they did a good job,” Beaumont said on Mastodon.
According to research by cyber security firm Mandiant, Mandiant and Snowflake had contacted more than 160 customers with vulnerable Snowflake instances since news of the lack of MFA by default first broke. Victims of the Snowflake-related breaches include Ticketmaster, Pure Storage, and Santander Bank.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.