We’re ecstatic and energized about the prospect of sowing seeds of knowledge in our open-source database community.
Thank you to everyone who joined us for the 18th edition of MyWebinar. We hope that our time together helped you elevate and perfect your work. We’re committed to giving back to the open-source database community in the coming days by presenting more LIVE events.
Madhu Sai from Mydbops succeeded in making this event more interactive, engaging, and, most importantly, productive for the audience. Thank you for your continuous contribution to the open-source community.
- Topic: Achieve Compliance with MongoDB security
- Date: 26th November 2022
- Time: 11 AM IST
The most important takeaways are:
- Importance of MongoDB security
- Security Triad (C.I.A)
  - Confidentiality
  - Integrity
  - Availability
- A.A.A
  - Authentication
  - Authorization
  - Auditing
Data Encryption at rest
- The WiredTiger storage engine has native encryption.
- Cipher algorithm: AES256-GCM
- This cipher algorithm is supported on Linux.
- Involves a symmetric key
- Options for sourcing the master key
  - Via a 3rd-party Key Management Appliance using KMIP (Key Management Interoperability Protocol)
  - Keyfile on the local system (not recommended)
- Use unique individual keys for every node in a replica set.
TLS & SSL
CSFLE
- In-flight encryption protects all data traversing the network, but does not encrypt data in-memory or at rest.
- At-rest encryption protects all stored data, but does not encrypt data in-memory or in-flight.
- With client-side encryption, the most sensitive data never leaves applications in plain text.
- All encrypted fields on the client side remain encrypted; whether stored in-memory, in system logs, at rest, or in backups, they are rendered as ciphertext.
Queryable encryption
- Allows users to search their data while it remains encrypted
- Data remains encrypted at insert, storage, and query.
- A Public Preview Feature
- Not recommended for production
MongoDB security recommendations
- Don’t directly expose the DB servers to the internet
- Avoid using the default port
- Use strong passwords
- Authenticate with db.auth()
- Never use the security.transitionToAuth option in the config file.
- Limit user actions; use customised roles.
- Maintain data encryption.
The speakers then gave a detailed demo and held a quick Q&A session.
In case you were unable to attend, or would like to re-watch the webinar at your leisure, please follow the link below: