Case Study: Snowflake achieves full visibility into data movement and insider risk protection while preserving collaboration with Mimecast Incydr

How Snowflake built a modern Insider Risk Management program

Snowflake, a fast-growing cloud data company, needed a way to protect critical intellectual property without undermining the collaborative culture that drives its innovation. Faced with a 90–120 day timeline before going public, the security team found traditional DLP and CASB tools too cumbersome, brittle, and prone to blocking legitimate work—sometimes even slowing or interrupting engineering workflows.

Snowflake deployed Mimecast Incydr to gain endpoint and data-movement visibility without blocking user productivity. By ingesting telemetry into the Data Cloud and correlating signals across apps, Incydr helped the team spot and remediate risky behavior (for example, an employee who uploaded source code to personal cloud storage after updating LinkedIn) and reduced file-exposure and exfiltration risk. With strong implementation support from Mimecast, Incydr became a central, non-disruptive part of Snowflake’s insider risk program—enabling faster, anticipatory responses while preserving collaboration.

Snowflake

Mario Duarte

VP of Security