Breach, AI/ML

Post-Breach Fixes: Snowflake Adds Mandatory MFA

Share

Snowflake users are to be pushed to enable multi factor authentication (MFA) in new product capabilities, as reported by SC Media UK. Snowflake provides cloud-based data storage, management and analytics to a wide range of enterprise organizations -- an increasingly important function in the AI era.

The security steps follow a notable breach of Snowflake from this summer, where the details of 165 customers were leaked in an extortion campaign. As a provider of data services, the attack on Snowflake had wide ranging impacts on other organizations.

Announced in a post this week by CISO Brad Jones, the update will see users prompted to enable MFA and guided through the configuration steps. “This dialog can be dismissed, but it will reappear in three days if MFA has not been configured for the user,” Jones said in the post.

The updates are intended to better help users protect their accounts and data, and work on encouraging users who are not using security best practices to adopt them, allowing admins to enforce security by default and provide visibility into adherence to security policies - for example knowing which users haven’t configured MFA.

Jones also said that a future release will “introduce a new user object type to help exclude service users from MFA policies at scale.”

Read the complete story here.

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Related Terms

Attack Vector