NoSQL Zone is brought to you in partnership with:

Mitch Pronschinske is the Lead Research Analyst at DZone. Researching and compiling content for DZone's research guides is his primary job. He likes to make his own ringtones, watches cartoons/anime, enjoys card and board games, and plays the accordion. Mitch is a DZone Zone Leader and has posted 2578 posts at DZone. You can read more from them at their website. View Full User Profile

MongoDB Encryption Options

08.26.2013
| 4388 views |
  • submit to reddit

MongoHQ wrote a helpful blog on the encryption features in MongoDB.  Its a big deal for the larger, more cautious companies as well as smaller ones, so it behooves a MongoDB host in company like MongoHQ to help share information about MongoDB's security.

The two pri­mary lev­els for encryp­tion are:

  • “Data-in-motion” is pro­tected by encrypt­ing the data in tran­sit; solved with SSL/TLS.  We’ll have more to say about this in a future post.
  • “Data-at-rest” is pro­tected by encrypt­ing stored infor­ma­tion, the topic of this post.

Data-at-rest encryp­tion can be solved with any/all of the following:

  • Encrypt the entire drive
  • Encrypt indi­vid­ual files or data­bases on the disk
  • Encrypt entire doc­u­ments (rows in SQL-land) or indi­vid­ual attrib­utes (columns in SQL-land) at the appli­ca­tion level

--MongoHQ Blog


The post also emphasizes that application-level encryption is paramount.