Security
MongoDB provides various features, such as authentication, access control, encryption, to secure your MongoDB deployments. Some key security features include:
| Authentication | Authorization | TLS/SSL | Enterprise Only |
|---|---|---|---|
TLS/SSL (Transport Encryption) |
Security Checklist
MongoDB also provides the Security Checklist for a list of recommended actions to protect a MongoDB deployment.
- Security Checklist
- Authentication
- Users
- Authentication Mechanisms
- Enterprise Authentication Mechanisms
- Internal Authentication
- Deploy New Replica Set With Keyfile Access Control
- Enforce Keyfile Access Control in a Replica Set
- Enforce Keyfile Access Control in a Replica Set without Downtime
- Deploy Sharded Cluster with Keyfile Access Control
- Enforce Keyfile Access Control in Sharded Cluster
- Enforce Authentication in an Existing Sharded Cluster Without Downtime
- Use x.509 Certificate for Membership Authentication
- Upgrade from Keyfile Authentication to x.509 Authentication
- Enable Auth
- Role-Based Access Control
- TLS/SSL (Transport Encryption)
- Encryption at Rest
- Auditing
- Security Hardening
- Implement Field Level Redaction
- Security Reference
- Create a Vulnerability Report