Datalytyx Ltd

DATALYTYX Snowflake Cloud Data Warehouse

Snowflake computing has built a new SQL data warehouse from the ground up for the cloud. It provides security, simplicity, scalability and performance, allowing customers to pay only for the storage and compute resources they use down to the second.

Features

  • SQL based
  • Structured and semi-structured data
  • High performance
  • Unlimited concurrency without affecting performance
  • High security - role-based access, always-on encryption
  • ODBC, JDBC, Javascript, Python, Spark, R, and Node.js connectors

Benefits

  • Upload diverse data, break down siloes
  • Share access to a specified and secure set of data
  • Usage-based pricing for compute and storage
  • Zero management - automatic optimisation, availability

Pricing

£40 per terabyte per month

Service documents

Framework

G-Cloud 11

Service ID

3 6 2 4 8 4 8 3 8 0 5 9 3 3 7

Contact

Datalytyx Ltd

Justin Mullen

+44 (0)2036 379155

sales@datalytyx.com

Service scope

Service constraints
N/A
System requirements
To be determined and agreed for each customer

User support

Email or online ticketing support
Email or online ticketing
Support response times
Support requests/questions vary in response time based on priority status ranging from 1 (most severe) to 4 (least severe).

Priority 1 – 1 service hour
Priority 2 – 2 service hours
Priority 3 – 4 service hours
Priority 4 – 8 service hours
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
There is one support level included with the purchase of the product which includes online, email and phone support during 0830-1800 Monday through Friday. Additional support can be negotiated on a case by case basis. We provide a technical account manager.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Training and documentation available according to customer requirements.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Snowflake supports bulk export of data from a database table into flat, delimited text files or into Amazon S3 or Microsoft Azure.
End-of-contract process
Snowflake provides data storage and compute services based on actual usage with no additional costs.

Using the service

Web browser interface
Yes
Using the web interface
Snowflake Cloud Data Warehouse is entirely accessed through a web interface. It requires a username and login with 2 factor authentication available for extra security.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
N/A
Web interface accessibility testing
N/A
API
Yes
What users can and can't do using the API
RESTful APIs available. APIs are set up and managed by Datalytyx.
API automation tools
Terraform
API documentation
Yes
API documentation formats
HTML
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface
Users can download SnowSQL from the Snowflake UI after logging into their account. Snowflake provides a native installer for each platform with easy-to-follow installation steps. Once installed, just type a simple command to enter your username, account name and password. SnowSQL offers a wide range of commands and features including auto-complete, syntax highlighting, auto-upgrade and secure connection and encryption.

Scaling

Scaling available
Yes
Scaling type
Automatic
Independence of resources
Similar to regular virtual warehouses, a user can resize all additional clusters of a multi-cluster warehouse instantly by choosing a different size (e.g. XS, S, M, L,etc.) either through the UI or programmatically via corresponding SQL DDL statements. In auto-scale mode, Snowflake automatically adds or resumes additional clusters (up to the maximum number defined by user) as soon as the workload increases. If the load subsides again, Snowflake shuts down or pauses the additional clusters. No user interaction is required – this all takes place transparently to the end user.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Memory
  • Number of active instances
Reporting types
Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Snowflake Computing

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
No
Equipment disposal approach
In-house destruction process

Backup and recovery

Backup and recovery
Yes
What’s backed up
Full or incremental export of all data
Backup controls
Full or incremental exports of data can be scheduled on a regular basis. Snowflake also offers a feature called 'Failsafe' which can retrieve historical data from a period of time (30 days ago, 60 days ago, etc.) set by the customer.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users schedule backups through a web interface
Backup recovery
Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
The Snowflake deployment extends across three availability zones so that Snowflake can continue to operate even if two of these zones become inaccessible or unavailable due to the loss of network connectivity or in the event of a disaster.

The Snowflake storage layer is synchronously and transparently replicated across multiple disk devices and availability zones through the Amazon S3 service. Snowflake’s virtual warehouse and cloud services layers are similarly deployed across three availability zones in a region.
Approach to resilience
Snowflake’s data warehousing service is fully distributed and resilient across multiple data centres at all layers. Data is stored in fully replicated storage and can be recovered instantly using Snowflake’s Time Travel feature.
Outage reporting
Email alerts.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Username or password
Access restrictions in management interfaces and support channels
Snowflake provides granular control over access to objects — who can access what objects, what operations can be performed on those objects, and who can create or alter access control policies.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Devices users manage the service through
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Certified Internal Systems Limited
ISO/IEC 27001 accreditation date
15/10/2015
What the ISO/IEC 27001 doesn’t cover
The information security management system applies to the provision of trusted and managed information security services to internal and external customers of Datalytyx Ltd. in accordance with the statement of applicability.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
No
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
NIST 800-53 and the CIS Critical Security Controls, a set of controls created by a broad consortium of international security experts to identify the security functions that are effective against real-world threats.
Information security policies and processes
All user accounts are password protected, all passwords are encrypted. User creation and management is delegated to the Customer. User management includes the creation of new users, user disable/enable, and user deletion.

Data is partitioned by organization, and data can only be shared within the organization.

All errors and updates within the system are logged to allow investigation.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Snowflake provides documentation of all changes and updates to components via their online knowledgebase and email updates. All clients are notified of the upcoming changes before any updates are applied to their instances.

Changes are assessed by Datalytyx for potential impact to clients.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Snowflake shall create, implement and maintain system administration procedures for systems that access Customer Data that meet or exceed industry standards, including without limitation, system hardening, system and device patching (operating system and applications) and proper installation of threat detection software as well as daily signature updates of same.

Snowflake Security reviews US-Cert new vulnerabilities announcements weekly and assess their impact to Snowflake based on a Snowflake-defined risk criteria, including applicability and severity. Applicable US-Cert security updates rated as “high” or “critical” are addressed within 30 days of the patch release.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Snowflake's hosting provider performs regular monitoring and response. The hosting provider provides instant emergency response by text or email.
Incident management type
Supplier-defined controls
Incident management approach
At agreed intervals, our account managers meet with their clients to review the accumulated log of any reported incidents, so that progress can be tracked, queries raised and dealt with, and a high level of understanding of the client’s needs grown and maintained.

Users can report incidents either by phone or email.

Incident reports are provided by email or via an agreed upon shared hosting platform.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Third-party
Third-party virtualisation provider
Snowflake Computing
How shared infrastructure is kept separate
Snowflake is a multi-tenant service that implements isolation at multiple levels. It runs inside a virtual private cloud (VPC), a logically isolated network section within the Amazon Web Services (AWS) cloud. The VPC enables Snowflake to isolate and limit access to its internal components. Snowflake also isolates data storage. Each customer’s data is always stored in an independent directory and encrypted using customer-specific keys, which are accessible only by that customer.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Snowflake uses either AWS or Azure datacentres for hosting. Each adheres to the EU Code of COnduct for Energy Efficient datacentres.

Pricing

Price
£40 per terabyte per month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Snowflake offers $400 of free computer and storage.
Link to free trial
https://bit.ly/2BCkEkh

Service documents

Return to top ↑