At a high level, yes.

Depending exactly how your internal network is setup traffic may flow unencrypted through your internal network.  eg

internet --https-->  company network --http--> fme --http--> company network --https--> internet

But it is more likely to  be https all the way through

Yes, I think it is pretty safe to assume HTTPS/TLS all the way here.

Since this communication is initiated by the FME Flow engine, using the HTTPS protocol the traffic would be encrypted.

Wireshark and Fiddler are a couple of tools you could use to 'confirm' this is the case, but I am very confident there's no issue here with unencrypted data being transmitted.

Our Dev Team made me aware of this:

https://docs.snowflake.com/user-guide/security-encryption-end-to-end

Thank you for your answer. I believe this is exactly what we were looking for.

I had to make sure that HTTPS was enforced on both ends and that the required ports were open in the firewall. Also double-checked the user roles and network policies.

Yes, you're on the right track. If both ArcGIS Online and Snowflake enforce TLS 1.2+ with AES256, and your FME Flow server is also configured to use HTTPS with compatible protocols, then the data in transit between these services should indeed be secure. TLS 1.2 with AES256 is currently considered a strong standard for encryption.

That said, don’t forget to double-check that:

Your FME Flow instance has a valid SSL certificate.

You’re not using any middleboxes or proxies that could weaken the encryption.

Mutual TLS or IP allowlisting is in place if extra protection is needed.

Also, it’s smart to run regular security assessments—some admins use tools like ipstresser to simulate traffic load and ensure their infrastructure can handle it without weakening under pressure. Just make sure you're not violating any terms or laws when doing this.

Secure architecture + good monitoring = peace of mind.