
We’re ecstatic and energized about the prospect of sowing seeds of knowledge in our open-source database community.
Thank you to everyone who joined us for the 18th edition of MyWebinar. We hope that our time together helped you elevate and refine your work. We're committed to giving back to the open-source database community in the coming days by presenting more LIVE events.
Madhu Sai from Mydbops was successful in making this event more interactive, engaging, and, most importantly, productive for the audience. Thank you for your continuous contribution to the open-source community.
Topic: Achieve Compliance with MongoDB security
Date: 26th November 2022
Time: 11 AM IST
The most important takeaways are:
Importance of MongoDB security
Security Triad (C.I.A)
- Confidentiality
- Integrity
- Availability
A.A.A
- Authentication
- Authorization
- Auditing
Data Encryption at rest
The WiredTiger storage engine has native encryption.
Cipher algorithm, i.e. AES256-GCM
This cipher algorithm is supported on Linux.
Involves a symmetric key
Options for sourcing the master key:
- Via a 3rd-party Key Management Appliance using KMIP (Key Management Interoperability Protocol)
- Keyfile on the local system (not recommended)
Use unique individual keys for every node in a replica set.
TLS & SSL
CSFLE (Client-Side Field Level Encryption)
In-flight encryption protects all data traversing the network.
◆ But does not encrypt data in-memory or at rest.
At-rest encryption protects all stored data.
◆ But does not encrypt data in-memory or in-flight.
With client-side encryption, the most sensitive data never leaves applications in plain text.
All fields encrypted on the client side remain encrypted and are rendered as ciphertext:
◆ stored in-memory,
◆ in system logs,
◆ at rest,
◆ in backups.
Queryable encryption
Allows users to search their data while it remains encrypted
Data remains encrypted at insert, storage, and query.
A Public Preview Feature
Not recommended for production
MongoDB security recommendations
Don’t directly expose the DB servers to the internet
Avoid using the default port
Use strong passwords
Authenticate with db.auth()
Never use the security.transitionToAuth option in the config file.
Limit user actions; use customised roles.
Maintain data encryption.
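As an added illustration (not code from the webinar or from Mydbops), the recommendations above can be turned into a small audit of a mongod.conf file. The sample configuration, its path and the finding texts are constructed; the option names are MongoDB configuration-file settings (security.enableEncryption and security.encryptionKeyFile apply to MongoDB Enterprise). The parser handles only the nested key/value subset of YAML that mongod.conf uses, and binding to all interfaces is treated as a heuristic for internet exposure.

```python
# Constructed sample mongod.conf for illustration; not from the webinar.
SAMPLE_CONF = """\
net:
  port: 27017
  bindIp: 0.0.0.0
security:
  authorization: enabled
  transitionToAuth: true
  enableEncryption: true
  encryptionKeyFile: /etc/mongodb/keyfile   # placeholder path
"""

def flatten(text):
    """Flatten the nested 'key: value' YAML subset used by mongod.conf into dotted keys."""
    flat, stack = {}, []  # stack holds (indent, key) for each open parent section
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        while stack and stack[-1][0] >= indent:
            stack.pop()
        path = ".".join([k for _, k in stack] + [key.strip()])
        if value.strip():
            flat[path] = value.strip().strip("\"'")
        else:
            stack.append((indent, key.strip()))
    return flat

def audit(text):
    """Return findings for settings that contradict the recommendations listed above."""
    c, findings = flatten(text), []
    is_true = lambda key: c.get(key, "false").lower() == "true"
    if c.get("security.authorization") != "enabled":
        findings.append("authorization is not enabled")
    if is_true("security.transitionToAuth"):
        findings.append("security.transitionToAuth is set")
    if c.get("net.port", "27017") == "27017":
        findings.append("default port 27017 in use")
    if is_true("net.bindIpAll") or "0.0.0.0" in c.get("net.bindIp", ""):
        findings.append("mongod listens on all interfaces")
    if c.get("net.tls.mode") != "requireTLS":
        findings.append("TLS is not required (net.tls.mode)")
    if not is_true("security.enableEncryption"):
        findings.append("encryption at rest is disabled")
    elif "security.encryptionKeyFile" in c:
        findings.append("master key sourced from a local keyfile instead of KMIP")
    return findings
```

Calling audit(SAMPLE_CONF) returns five findings for the constructed sample; a configuration with a non-default port, a specific bind address, net.tls.mode set to requireTLS, authorization enabled and a KMIP-sourced key returns an empty list.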
The speakers then gave a detailed demo and held a quick Q&A session.
In case you were unable to attend, or would like to re-watch the webinar at your leisure, please follow the link below: