Synopsis of Mydbops 18th edition of MyWebinar

We’re ecstatic and energized about the prospect of sowing seeds of knowledge in our open-source database community.

Thank you to everyone who joined us for the 18th edition of MyWebinar. We hope that our time together helped you elevate and perfect your work. We’re committed to giving back to the open-source database community in the coming days by presenting more LIVE events.

Madhu Sai from Mydbops succeeded in making this event more interactive, engaging, and, most importantly, productive for the audience. Thank you for your continuous contribution to the open-source community.

Topic: Achieve Compliance with MongoDB security

Date: 26th November 2022

Time: 11 AM IST

The most important takeaways are:

Importance of MongoDB security

Security Triad (C.I.A)

  • Confidentiality
  • Integrity
  • Availability

A.A.A

  • Authentication
  • Authorization
  • Auditing

Data Encryption at rest

  • The WiredTiger storage engine has native encryption.
  • Cipher algorithm: AES256-GCM
  • This cipher algorithm is supported on Linux.
  • Encryption involves a symmetric key.
  • Options for sourcing the master key:
      ◆ Via a 3rd-party key management appliance using KMIP (Key Management Interoperability Protocol)
      ◆ A keyfile on the local system (not recommended)
  • Use unique individual keys for every node in a replica set.

TLS & SSL

CSFLE

In-flight encryption protects all data traversing the network.
◆ But it does not encrypt data in-memory or at rest.

At-rest encryption protects all stored data.
◆ But it does not encrypt data in-memory or in-flight.

With client-side encryption, the most sensitive data never leaves the application in plain text.
Fields encrypted on the client side remain encrypted wherever they are stored:
◆ in-memory,
◆ in system logs,
◆ at rest,
◆ in backups.
In all of these places they are rendered as ciphertext.

Queryable encryption

Allows users to search their data while it remains encrypted.
Data remains encrypted at insert, storage, and query.
A Public Preview feature.
Not recommended for production.

MongoDB security recommendations

Don’t directly expose the DB servers to the internet
Avoid using the default port
Use strong passwords
Authenticate with db.auth()
Never use the security.transitionToAuth option in the config file.
Limit user actions; use customised roles.
Maintain data encryption.
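The recommendations above can be checked mechanically against a mongod.conf. The following is an added example, not code from the webinar or from Mydbops; the sample configuration, its file path and the finding messages are constructed for illustration, and the small parser only handles the nested key/value layout that mongod.conf normally uses.

```python
# Added example: audit a mongod.conf; SAMPLE_CONF below is constructed, not real.
SAMPLE_CONF = """\
net:
  port: 27017
  bindIp: 0.0.0.0
  tls:
    mode: disabled
security:
  authorization: enabled
  transitionToAuth: true
  enableEncryption: true
  encryptionKeyFile: /etc/mongodb/master.key  # local keyfile
"""

def flatten(text):
    """Turn the nested-mapping YAML of mongod.conf into {'net.port': '27017', ...}."""
    stack, flat = [], {}  # stack: (indent, key) of the currently open parent mappings
    for raw in text.splitlines():
        line = raw.split(" #")[0].rstrip()  # drop trailing comments
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        while stack and stack[-1][0] >= indent:  # close mappings we have left
            stack.pop()
        if value.strip():
            flat[".".join([k for _, k in stack] + [key])] = value.strip().strip("\"'")
        else:
            stack.append((indent, key))
    return flat

def audit(text):
    """Return one finding per recommendation the configuration does not meet."""
    c, findings = flatten(text), []
    if c.get("net.bindIpAll") == "true" or "0.0.0.0" in c.get("net.bindIp", ""):
        findings.append("net.bindIp: listening on all interfaces")
    if c.get("net.port", "27017") == "27017":
        findings.append("net.port: default port 27017 in use")
    if c.get("security.authorization") != "enabled":
        findings.append("security.authorization: not enabled")
    if c.get("security.transitionToAuth") == "true":
        findings.append("security.transitionToAuth: must not be set")
    if c.get("net.tls.mode") != "requireTLS":
        findings.append("net.tls.mode: TLS is not required for connections")
    if c.get("security.enableEncryption") != "true":
        findings.append("security.enableEncryption: no encryption at rest")
    elif "security.encryptionKeyFile" in c:
        findings.append("security.encryptionKeyFile: local keyfile, prefer KMIP")
    return findings
```

Calling audit(SAMPLE_CONF) returns five findings; a configuration with a non-default port, a specific bind address, requireTLS, authorization enabled and a KMIP-sourced key returns an empty list.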

After this, the speakers gave a detailed demo followed by a quick Q&A session.

In case you were unable to attend, or would like to re-watch the webinar at your leisure, please follow the link below:

Acquaint further to LEARN || LIVE || ACHIEVE

For more information and updates, please visit the following URLs:

LinkedIn: https://in.linkedin.com/company/mydbops

Twitter: https://mobile.twitter.com/mydbopsofficial

Facebook: https://www.facebook.com/mydbops/

Blogs: https://mydbops.wordpress.com/

SlideShare: https://www.slideshare.net/MyDBOPS

Meetup page: https://www.meetup.com/Mydbops-Database-Meetup/

Instagram: https://www.instagram.com/mydbops/
