Select Page

Enjoy Enhanced Data Security with MongoDB 4.2

Author: Charleste King | | January 30, 2020

The exploding flood of incoming data presents an immense challenge to data managers: how to control the escalating risks that also flow in through the ever-increasing volumes of information?

Not only does the data carry information that could be targeted by emerging threats, but often its unstructured format poses an inherent danger in and of itself. Those escalating risks put increasing pressure on IT management to not just control their data, but also to ensure their enterprise remains in compliance with regulations despite their data.

Fortunately, MongoDB and its newly released 4.2 iteration provide customers with world-class compliance capacities regardless of their industry or the structure of their data.

MongoDB Masters Regulatory Compliance

This year, 2019, has been pivotal for MongoDB, the general purposes NoSQL database platform. Not content with providing its customers with the most flexible database management tool available in today’s hyper-competitive data management market, the company also has attained certification for several significant global information technology security standards:

  • In Spring, 2019, the company received approval from the Defense Information Systems Agency (DISA) for its Security Technical Information Guide (STIG). It is the first non-relational database to achieve that goal. The Department of Defense can now use the database within certain defense networks.
  • In September, the database was also independently validated as a certified services provider for the Payment Card Industry commission for Data Security Standards (PCI DSS). The commission regulates the management of billions of global credit and payment cards, and the certification establishes the MongoDB 4.2 database as a provider of services for trillions of dollars worth of financial transactions each year. The certification as a qualified PCI DSS services provider came after an extensive audit performed by an independent Qualified Security Assessor (QSA).
  • The PCI DSS certification follows previously attained security achievements, including compliance with the ISO27001.2013 and the SOC 2 reporting requirements.
  • MongoDB 4.2 also complies with Europe’s General Data Protection Regulation (GDPR) and with America’s Health Information Portability and Accountability Act (HIPAA).

MongoDB 4.2 Introduces Field-Level, Client-Side Encryption

The PCI DSS certification makes the introduction in June 2019 of MongoDB’s field-level, client-side encryption capability that much more exciting for all of its current and future customers.

MongoDB’s client-side encryption capacity is a game-changer for many organizations because it shifts initiation and control of the encryption process to them and away from their cloud services provider.

  • Unlike end-to-end encryption, where information is encrypted only after the server receives it, the client-side encryption means information is hidden before it leaves the sender’s machine so not even the server can access it.
  • Consequently, client-side encryption extends the protection of data beyond servers. It puts it into the hands of whoever is sending it, whether that’s from a company desktop machine in the head office or a remote employee based on the other side of the planet. The new technology eliminates the possibility of theft or interception when that unencrypted data is in transit from the sender to the server.

MongoDB’s Field Level Encryption offers other advantages, too:

  • It embraces application code so there’s no need to create explicit encryption-function code for each database read or write operation.
  • It separates data even from systems administrators who can only access it when given explicit client access keys.
  • Because access to information is achieved only through the client key, the destruction of that key also eliminates access to that data. This feature satisfies the GDPR’s ‘right to disappear’ requirement.

MongoDB 4.2 has mastered not just data storage and data management, but compliance with data security standards as well. Datavail’s MongoDB 4.2 professionals understand how its technology can help your enterprise gain control over all your data and ensure that it remains in compliance with applicable standards, regardless of your industry. We’re MongoDB Premier Partners, contact us today if you’re looking to make the move.

Further Reading

A Faster Future with Newly Released MongoDB 4.2

Feed Your Need for Speed with MongoDB 4.2

How to Solve the Oracle Error ORA-12154: TNS:could not resolve the connect identifier specified

The “ORA-12154: TNS Oracle error message is very common for database administrators. Learn how to diagnose & resolve this common issue here today.

Vijay Muthu | February 4, 2021

Data Types: The Importance of Choosing the Correct Data Type

Most DBAs have struggled with the pros and cons of choosing one data type over another. This blog post discusses different situations.

Craig Mullins | October 11, 2017

How to Recover a Table from an Oracle 12c RMAN Backup

Our database experts explain how to recover and restore a table from an Oracle 12c RMAN Backup with this step-by-step blog. Read more.

Megan Elphingstone | February 2, 2017

Subscribe to Our Blog

Never miss a post! Stay up to date with the latest database, application and analytics tips and news. Delivered in a handy bi-weekly update straight to your inbox. You can unsubscribe at any time.

Work with Us

Let’s have a conversation about what you need to succeed and how we can help get you there.


Work for Us

Where do you want to take your career? Explore exciting opportunities to join our team.