Is data encrypted while in transit on the Snowflake plaform? It\'s clear that via Snowflake End to End Encryption that data at rest is encrypted, but what about data on the move
I believe this article covers the scenarios that you are asking about, specifically the results cache question. Everything within the Snowflake infrastructure is encrypted...(all the data, all the time): https://resources.snowflake.com/snowflake/automatic-encryption-of-data
All editions (Standard/Enterprise/Business Critical/VPS) of Snowflake uses AES256 encryption for data at rest and data in flight. No matter where the data is if it is inside the Snowflake scope, it is encrypted.
The data in the internal stage is encrypted with AES 128. Data in the external stage can also be decrypted but for that storage provider encryption key is needed, else it is not encrypted.
Even SnowPipe communication (when data is moving via SnowaPipe) is encrypted.
Snowflake also has Penetration Testing on a regular basis and if you have NDA signed with your company, you can fetch additional details
As you can see the image below diagram, all stored data is encrypted and data over the network is also supported as follows
The higher edition of Snowflake also uses hierarchical key model for business-critical applications.
Yes, the data is encrypted in transit. Snowflake works on the concept of END-TO-END ENCRYPTION where only the end-users view the data and nobody else would be able to view the data.
For example when data is being transferred from remote Snowflake disk (long term storage) to local cache (SSDs on compute nodes) - does the data remain encrypted during that transfer?
Yes, the data remains encrypted while in the transfer and the same is applicable when using result_cache as well.
Ref : https://www.snowflake.com/blog/end-to-end-encryption-in-the-snowflake-data-warehouse/