About MongoDB
MongoDB was designed to ensure data security and offers a number of protection technologies including robust authentication, role-based access control, encrypted communications, and strong auditing capabilities. CipherTrust Data Security Products supplement these MongoDB encryption measures to achieve true security against breaches.
Challenges
Privileged User Access
Privileged users are those granted substantial access to corporate network resources to be able to perform their routine duties. But if these users are malicious, or if their credentials are stolen, it can lead to a major data breach.
Data-Base Bypass Attacks
Another dangerous data security attack bypasses the database and targets the data at rest in underlying servers or physical storage. These frequently include the organization’s unstructured files and structured databases, query reports, log files and other data sets that might contain sensitive or regulated information.
Solutions
High-Performance Encryption
Thales high-performance encryption complements MongoDB security. CipherTrust Transparent Encryption protects the environment at the OS and file system level with encryption, access controls, and security intelligence information required for compliance and protection from malicious insiders and advanced malware, such as advanced persistent threats (APTs). Thales CipherTrust Application Encryption enables developers to easily build encryption for individual fields (such as social security numbers and credit cards) that are not critical to analysis but are a required component of reports and output into the MongoDB environment.
Integrated Key Management
CipherTrust Manager secures and manages encryption keys in the MongoDB environment.
Privileged User Access Control
The Thales CipherTrust Manager can enforce strong separation of duties by requiring the assignment of key and policy management to more than one data security administrator. In this manner, no one person has complete control over security activities, encryption keys, or administration. In addition, the CipherTrust Manager supports two-factor authentication for administrative access.
Benefits
Benefits Summary
- Encryption, centralized key management, privileged user access control and security intelligence logs for data-at-rest across the MongoDB environment: ingress data, egress reports, as well as configuration files and audit logs.
- Transparently protect new and complex structured and unstructured data types without application engineering with CipherTrust Transparent Encryption.
- Simplify adding document-level encryption with tools that include sample code and API support (Java and C/C++) for MongoDB application integration with CipherTrust Application Encryption.
- Generate security intelligence on data access by users, processes and applications accessing data anywhere across the MongoDB infrastructure.
- Maintain service level agreements with high-performance encryption and high-availability data security architecture.
Scalable and Flexible
Unlike other solutions, this extensible platform is tunable to protect data as granular as specific columns within a relational database or fields within a document in MongoDB. On the other hand, it can protect all the data within a given directory or volume.
Compatible with Most Operating Systems and Highly Efficient
The platform supports the broadest range of operating systems and environments in the industry and delivers operational efficiencies through high-performance and centralized management with the CipherTrust Manager.