Secure Views & Secure Data Sharing Between Teams
β¨ Story Time β βSharing Without Riskββ
Meet Priya, a data engineer.
Her company wants the sales team and marketing team to access customer data:
- Sales team: Needs contact info + last purchase
- Marketing team: Needs demographics + campaign history
But the company also needs to protect sensitive info like emails, credit card data, and personal identifiers.
The solution? Secure Views and Snowflake Secure Data Sharing.
𧩠What are Secure Views?β
A Secure View is a view that:
- Hides sensitive columns
- Prevents underlying table access
- Enforces row- or column-level security
Key features:
- Data in secure views cannot be bypassed
- Queries on secure views cannot be modified to reveal hidden data
- Works seamlessly with roles and access policies
Example:β
CREATE SECURE VIEW marketing_customers AS
SELECT customer_id, campaign_id, age_group
FROM customers;
- Sensitive columns like email, phone, or credit_card are hidden
- Users can query only allowed columns
π How Secure Views Workβ
- Secure Views mask underlying data
- Users query the view instead of the table
- Snowflake ensures no access to hidden columns or underlying table
- Ideal for cross-team data access and compliance
Analogy: Think of a curtain in front of sensitive info β everyone sees only what theyβre allowed.
π― What is Secure Data Sharing?β
Secure Data Sharing allows you to share Snowflake data with other accounts or teams without copying or moving data:
- No ETL needed
- No file exports
- Immediate access to shared data
- Works with Secure Views to enforce access policies
Example:
CREATE SHARE marketing_share;
GRANT USAGE ON DATABASE marketing_db TO SHARE marketing_share;
GRANT SELECT ON SECURE VIEW marketing_customers TO SHARE marketing_share;
- Marketing team in a different account can query the secure view
- Sensitive data is protected automatically
π§ͺ Real-World Use Caseβ
Scenario: Cross-department collaboration
- Finance team shares transaction summary with auditing team
- Auditing team gets read-only access
- Sensitive info like customer PII is never exposed
- Updates in the original table are immediately visible to auditors
Result: Collaboration without compromising security or compliance.
β‘ Benefitsβ
| Benefit | Explanation |
|---|---|
| Secure access | Protect sensitive columns and rows |
| Real-time sharing | No need to copy/export data |
| Compliance-ready | Supports GDPR, HIPAA, and internal policies |
| Simplified governance | Use roles and shares instead of separate pipelines |
| Cost-effective | No extra storage required |
π§ Best Practicesβ
- Always use Secure Views when exposing sensitive data
- Combine with roles and RBAC for fine-grained control
- Use Secure Data Sharing for cross-account or cross-team collaboration
- Avoid giving direct table access unless necessary
- Monitor shares and view usage regularly for auditing
π Summaryβ
- Secure Views hide sensitive data while allowing safe queries.
- Secure Data Sharing enables teams or accounts to access data without moving or copying it.
- Together, they allow collaboration, compliance, and real-time data access.
- Snowflake ensures data privacy, governance, and minimal storage overhead.
- Ideal for companies needing cross-team access with strict security rules.
β Next Topic
Warehouse Sizing β Small vs Medium vs Large Explained With Cost