Hidden Security Threats in AI-Driven Tools like Snowflake’s CORTEX and Data Exposure Risks

The rapid integration of artificial intelligence into business analytics and data platforms has transformed the landscape of digital operations.

Solutions such as Snowflake’s CORTEX and Microsoft’s Copilot are redefining how organizations interact with their data, infusing generative AI models and sophisticated search capabilities into everyday workflows for greater efficiency and business agility.

However, this acceleration has surfaced new, often unforeseen vulnerabilities, particularly in the realm of data security and unintended information exposure.

Dynamic Data Masking versus AI-Driven Search

A core principle of database security is dynamic data masking, rigorously implemented in platforms like Snowflake.

This mechanism ensures that sensitive data, such as personally identifiable information (PII) or financial records, is obfuscated for users who lack privileged access, thus maintaining regulatory compliance and minimizing the risk of leaks.

Under typical configurations, masking policies restrict non-administrative roles to viewing only sanitized, masked data during queries, while roles with higher privileges (e.g., ADMIN) access the original, unmasked information.

However, the emergence of advanced AI services like Snowflake’s CORTEX Search Service has introduced a new operational paradigm.

Unlike conventional queries, CORTEX leverages powerful search mechanisms, enabling fuzzy queries and retrieval-augmented generation (RAG) without requiring users to possess direct SELECT permissions on the underlying tables.

Instead, users simply require USAGE permission on the CORTEX service itself, radically altering the traditional access control landscape.

The crux of the security risk lies in the service execution model, specifically owner's rights versus caller's rights.

In Snowflake’s CORTEX, AI-driven queries are executed with the privileges of the service’s owner, which is often a highly privileged role such as ACCOUNTADMIN.

According to a Cyera report, this model allows any user permitted to invoke the CORTEX Search Service to inherit the owner's access level, potentially bypassing the built-in masking policies and exposing sensitive data that would otherwise remain hidden.

This architectural decision, while designed to facilitate advanced delegation and streamline operations for trusted AI workflows, can inadvertently serve as a backdoor.

If administrators establish CORTEX services with excessive privilege or fail to adequately control which data is indexed, lower-privileged users could access unmasked, sensitive data via AI-driven search, circumventing the traditional security boundaries set by masking and access controls.

Case in Point: Data Exposure Scenarios

A typical misconfiguration scenario unfolds when an admin role initializes the CORTEX Search Service on sensitive tables and then grants USAGE rights to analysts or other staff.

[Figure: Grants given to analyst_user]

Those users, even without SELECT privileges on sensitive columns, can leverage CORTEX to retrieve original, unmasked data, essentially sidestepping established data governance policies.

Moreover, because masking enforcement hinges on the querying role, the use of owner's rights within CORTEX effectively nullifies these policies for any user with USAGE access.

Preventing these risks hinges on adhering strictly to the principle of least privilege.

Organizations must avoid deploying AI-driven search services using highly privileged roles unless absolutely necessary.

Instead, creating narrowly scoped service roles with minimal SELECT permissions is critical, as is judiciously limiting which tables and columns are indexed for AI search.

Regular audits of service creation roles and usage grants are also essential to detect and correct privilege escalation pathways before they are exploited.
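The audit described above can be sketched as follows. This is an added example, not code from Cyera or Snowflake: the inventory rows, role names, table names and field names are all constructed, and it assumes the service inventory, USAGE grants, SELECT grants and masking-policy clearances have already been exported from the account.

```python
# Roles treated as highly privileged for this audit (assumption; adjust per account).
PRIVILEGED_OWNERS = {"ACCOUNTADMIN", "SECURITYADMIN", "SYSADMIN"}
# Roles the masking policy shows real values to (constructed).
CLEARED = {"ACCOUNTADMIN", "PII_ADMIN"}

# Constructed inventory. In practice these rows would be exported from the
# account's service listing, grant listing and masking-policy references.
SERVICES = [
    {"name": "CUSTOMER_SEARCH", "owner": "ACCOUNTADMIN",
     "source": "CRM.CUSTOMERS", "indexed": {"NOTES", "EMAIL", "SSN"}},
    {"name": "DOCS_SEARCH", "owner": "DOCS_SEARCH_OWNER",
     "source": "KB.ARTICLES", "indexed": {"TITLE", "BODY"}},
]
USAGE_GRANTS = [("CUSTOMER_SEARCH", "ANALYST"), ("CUSTOMER_SEARCH", "PII_ADMIN"),
                ("DOCS_SEARCH", "ANALYST"), ("DOCS_SEARCH", "INTERN")]
SELECT_GRANTS = {("CRM.CUSTOMERS", "PII_ADMIN"), ("KB.ARTICLES", "ANALYST")}
# table -> {masked column: roles that see the unmasked value}
MASKING = {"CRM.CUSTOMERS": {"EMAIL": CLEARED, "SSN": CLEARED}}


def audit(services, usage_grants, select_grants, masking):
    """Return one finding per (service, grantee) pair that widens data access."""
    by_name = {s["name"]: s for s in services}
    findings = []
    for svc_name, role in usage_grants:
        svc = by_name[svc_name]
        policies = masking.get(svc["source"], {})
        # Owner's rights: a masked column leaks when the service owner sees it
        # unmasked at indexing time and the calling role is not cleared for it.
        leaked = sorted(c for c in svc["indexed"] if c in policies
                        and svc["owner"] in policies[c] and role not in policies[c])
        no_select = (svc["source"], role) not in select_grants
        if not leaked and not no_select:
            continue  # the service gives this role nothing beyond its own grants
        findings.append({
            "service": svc_name, "grantee": role,
            "severity": "high" if leaked else "medium",
            "unmasked_columns": leaked,
            "bypasses_select": no_select,
            "privileged_owner": svc["owner"] in PRIVILEGED_OWNERS,
        })
    return findings


if __name__ == "__main__":
    for finding in audit(SERVICES, USAGE_GRANTS, SELECT_GRANTS, MASKING):
        print(finding)
```

A "high" finding means a grantee can reach masked columns through the service; a "medium" finding means the service is the role's only path to the source table.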

While AI-driven tools like Snowflake CORTEX offer unparalleled value in enterprise data discovery, they also demand a new level of vigilance.

Misconfigured access controls can transform these innovations from business accelerators into vectors for data leakage.

The onus lies on security teams to re-examine privilege boundaries and integrate continuous controls, ensuring that artificial intelligence augments, rather than undermines, the foundational tenets of data security.


Mandvi
Mandvi is a Security Reporter covering data breaches, malware, cyberattacks, data leaks, and more at Cyber Press.
