EventYou’re invited to MongoDB.local NYC on May 2. Use code Web50 for 50% off your ticket! Learn more >

MONGODB SECURITY

Strong Security Defaults. Protect your workloads confidently

Protect your data with strong security defaults on the MongoDB developer data platform. Meet stringent requirements with robust operational and security controls.

Try Free
Contact sales

MongoDB offers built-in security controls for all your data – with databases managed in a customer environment or MongoDB Atlas, a fully-managed cloud service. MongoDB enables enterprise-grade security features and simplifies deploying and managing your databases.

An illustration of a padlock surrounded by secure apps and data.

MongoDB Security

Database with built-in security controls and enterprise-grade security features

Authentication

Authenticate to Atlas UI with your Atlas credentials or single sign-on with your GitHub or Google accounts. Atlas also supports multi-factor authentication (MFA) with various options including OTP authenticators, push notifications, FIDO2 (hardware security keys or biometrics), SMS, and e-mail.

Authenticate to MongoDB database using mechanisms including SCRAM, x.509 certificates, LDAP, passwordless authentication with AWS-IAM and OpenID Connect support (in preview).
Learn about Atlas UI Authentication
An illustration of a secure database with locked data.

Authorization

Atlas provides Role-Based Access Control (RBAC) to manage all cloud resources, including MongoDB deployments. In Atlas, a user can be granted one or more roles that determine the user's access privilege to an Atlas Organization and a Project. A user can also be granted fine-grained database roles for database operations. With identity federation, you can manage access to Atlas via your identity provider groups and Atlas roles using group-role mappings.

MongoDB database has an extensive RBAC for performing specific actions on database(s) and collection(s).

Learn about RBAC (Atlas)
An illustration of cloud application with keyhole and mobile phone with hand accessing through a fingerprint scan.

Auditing

MongoDB offers granular auditing that monitors actions in your MongoDB environment and is designed to prevent and detect any unauthorized access to data, including create, read, update, and delete (CRUD) operations, encryption key management, authentication, and role-based access controls, replication, and sharding cluster operations.

Learn about Auditing (Atlas)
An illustration of documents being audited for unauthorized access.

Data Encryption

MongoDB data encryption offers robust features to protect your data while in-transit (network), at-rest (storage), and in-use (memory, logs). Customers can use automatic encryption of key data fields like PII, PHI, or any data deemed sensitive — ensuring data is encrypted throughout its lifecycle.

Learn more
An illustration of a padlock and key set surrounded by code brackets.

Network Security

Atlas offers many options to securely access your data with dedicated clusters deployed in a unique Virtual Private Cloud (VPC) to isolate your data and prevent inbound network access from the internet.

Allow just a one-way connection from your AWS, Azure, or Google Cloud VPC/VNet to Atlas Clusters via Private Endpoints. You can enable peering between your MongoDB Atlas VPC or VNet to your own dedicated application tier virtual private network with the cloud provider of your choice or enable only specific network segments to connect to your Atlas clusters via IP Access list.

Learn more
An illustration of arms and hands typing on desktop computer with floating application window and padlock.

Data Sovereignty

Atlas databases are available in 100+ regions across AWS, Google Cloud, and Azure. Store your data across any of the regions. Take advantage of multi-cloud and multi-region deployments, allowing you to target the providers and regions that best serve your users. Zoned sharding is available to Atlas customers as part of the fully-managed cloud service to support location-aware storage and database operations for globally distributed application instances and clients.

Learn more
An illustration of a padlock over 3 data documents.

Featured Resources

Build applications with confidence on MongoDB

Make the most of our developer data platform that provides strong security default settings
Explore all our products
“We credit MongoDB as one of our trusted partners behind the scenes for helping SHOPLINE rise up to become Asia’s largest online and offline smart commerce company, adhering to the highest standards of security and compliance as we continue to grow and take advantage of new opportunities.”
Ian Chan
Engineering director at SHOPLINE
Read the whole story

Secure your applications on MongoDB

With strong controls, regulatory compliance, and technical measures on a trusted MongoDB developer data platform.
Try AtlasContact sales
PROTECT YOUR DATA CONFIDENTLY:
  • Strong security controls
  • Network isolation
  • Data encryption
  • Granular control access
  • Trusted data platform