Continuous Data Protection¶
Continuous Data Protection (CDP) encompasses a comprehensive set of features that help protect data stored in Snowflake against human error, malicious acts, and software or hardware failure. At every stage within the data lifecycle, Snowflake enables your data to be accessible and recoverable in the event of accidental or intentional modification, removal, or corruption.
The features include:
- Network policies for granting or restricting users access to the site based on their IP address (i.e. IP whitelisting).
- User verification required for account access, including support for:
- Multi-factor authentication (standard for all accounts; enabled per user by Snowflake on request).
- Federated authentication (for Snowflake Enterprise Edition).
- Access to all objects in the system through security roles.
- Automatic encryption of data:
- 256-bit AES encryption of data at rest and in transit.
- 128-bit or 256-bit AES encryption of all files staged for bulk loading/unloading data.
- Maintenance of historical data (i.e. data that has been changed or deleted):
- Querying and restoring historical data using Snowflake Time Travel.
- Disaster recovery of historical data (by Snowflake) through Snowflake Fail-safe.
Continuous Data Protection features are included standard for all accounts, i.e. no additional licensing is required; however, some features are available only for Snowflake Enterprise Edition. In addition, both Time Travel and Fail-safe require additional data storage, which has associated fees.