Security Best Practices Revisited
According to the just-released 2016 Verizon Data Breach Investigations Report, 2015 saw 2,260 confirmed data breaches as well as over 100,000 reported security incidents. These are the highest numbers since the report began analyzing such incidents back in 2008. The report does a fantastic job of describing the types of attacks organizations should be prepared to face in the coming year. While the sophistication level of each threat varies, the report points out that 63% of confirmed data breaches were very simple - they used weak, default, or stolen passwords. This is a strong reminder that even basic defenses are still lacking in many organizations.

At MongoDB, we take security very seriously. Our team is constantly working to deliver a world-class database experience that addresses today’s ever-evolving security requirements. As a reminder, here are some resources MongoDB customers can use to help ensure the security of their systems:

- The most popular installer for MongoDB (RPM) limits network access to localhost by default.
- Security is addressed in detail in our Security Manual.
- The Security Checklist discusses limiting network exposure. Note that the method to do this will vary significantly depending on where the service is hosted (AWS, Azure, locally, etc).
- MongoDB Atlas security features include TLS/SSL encryption, authentication, and authorization via SCRAM-SHA1; IP whitelists enforced with AWS Security Groups; optionally encrypted storage volumes; and the MongoDB Atlas console to manage database users.
- Additionally, users of MongoDB Cloud Manager can enable alerts to detect if their deployment is internet exposed.
- A discussion on security is provided in two parts. Part 1 covers Design and Configuration. Part II covers 10 mistakes that can compromise your database.

We encourage users who have experienced a security incident for MongoDB to create a vulnerability report.
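
The localhost default and the advice to limit network exposure come down to two mongod settings: which addresses the server binds to (net.bindIp) and whether access control is on (security.authorization). As an added example (not MongoDB's tooling and not code from the original post), the Python below audits a YAML-format mongod.conf for both; the sample configs are constructed, and the small parser assumes a file made only of nested key: value lines.

```python
import ipaddress

# Constructed sample configs for illustration (not from a real deployment).
EXPOSED_CONF = """\
net:
  bindIp: 0.0.0.0
"""
HARDENED_CONF = """\
net:
  bindIp: 127.0.0.1,10.0.0.5   # loopback plus one private interface
security:
  authorization: enabled
"""

def flatten(text):
    """Flatten simple nested 'key: value' YAML into {'net.bindIp': ...}."""
    settings, stack = {}, []   # stack: (indent, key) of open sections
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if ":" not in line:
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        while stack and stack[-1][0] >= indent:
            stack.pop()
        if value.strip():
            settings[".".join([k for _, k in stack] + [key])] = value.strip()
        else:
            stack.append((indent, key))
    return settings

def audit(text):
    """Return findings ([] = pass). A missing bindIp is flagged because the default differs by server version."""
    conf, findings = flatten(text), []
    bind = conf.get("net.bindIp")
    if bind is None:
        findings.append("net.bindIp not set: set it explicitly")
    for item in (bind or "").split(","):
        try:
            addr = ipaddress.ip_address(item.strip())
        except ValueError:
            continue   # hostname or socket path: not classified here
        if addr.is_unspecified:
            findings.append(f"net.bindIp {addr} listens on every interface")
        elif addr.is_global:
            findings.append(f"net.bindIp {addr} is a public address")
    if conf.get("security.authorization") != "enabled":
        findings.append("security.authorization is not enabled")
    return findings
```

Calling audit(EXPOSED_CONF) returns two findings and audit(HARDENED_CONF) returns an empty list; a firewall or security-group check is still needed, since the config file only shows what the server itself listens on.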

If you are interested in learning more about security best practices, watch our on-demand webinar: Securing your MongoDB deployment

About the Author - Andrew Racine
Andrew is Director, Demand Generation at MongoDB where he helps customers learn how to turn their giant ideas into reality. Prior to joining MongoDB, Andrew was the Director of Marketing at Conjur, an infrastructure security startup. Before Conjur, Andrew spent nearly 5 years at HubSpot in a variety of customer-focused roles.

Containers 101: 7 Essential Features
One of the most talked-about pieces of technology today is the concept of containers. Containers more easily allow organizations to reliably run software when moved from one computing environment to another by providing an entire runtime environment (an application, plus all its dependencies, libraries and other binaries, and configuration files needed to run it).

Read the Enabling Microservices: Containers & Orchestration Explained white paper.

Whether it is moving from staging to production, or from a physical data center to a virtual one, containers are revolutionizing the entire software lifecycle. Curious about how containers could benefit your organization? Here are 7 features that will help you understand why this technology is vital for the growth of your organization.

1) DevOps & Continuous Delivery
When the application consists of multiple containers with clear interfaces between them, it is a simple and low-risk matter to update a container, assess the impact, and then either revert to the old version or roll the update out across similar containers. By having multiple containers provide the same capability, upgrading each container can be done without negatively affecting your stateless services.

2) Replicating Environments
When using containers, it's a trivial matter to instantiate identical copies of your full application stack and configuration. These can then be used by new hires, partners, support teams, and others to safely experiment in isolation.

3) Accurate Testing
You can have confidence that your QA environment exactly matches what will be deployed – down to the exact version of every library.

4) Scalability
By architecting an application to be built from multiple container instances, adding more containers scales out capacity and throughput. Similarly, containers can be removed when demand falls. Orchestration frameworks – such as Kubernetes and Apache Mesos – further simplify elastic scaling.

5) Isolation
Every container running on the same host is independent and isolated from the others as well as from the host itself. The same equipment can simultaneously host development, support, test, and production versions of your application – even running different versions of tools, languages, databases, and libraries without any risk that one environment will impact another.

6) Performance
Unlike VMs (whether used directly or through Vagrant), containers are lightweight and have minimal impact on performance.

7) High Availability
By running with multiple containers, redundancy can be built into the application. If one container fails, then the surviving peers – which are providing the same capability – continue to provide service. With the addition of some automation (see the orchestration section of our paper), failed containers can be automatically recreated (rescheduled) either on the same or a different host, restoring full capacity and redundancy.

The rich functionality, simple tools, and powerful APIs make container and orchestration functionality a favorite for DevOps teams who integrate them into Continuous Integration (CI) and Continuous Delivery (CD) workflows.

Want to learn more? Read our new white paper on Enabling Microservices: Enabling Microservices with Containers, Orchestration, and MongoDB

About the Author - Andrew Racine
Andrew is Director, Demand Generation at MongoDB where he helps customers learn how to turn their giant ideas into reality. Prior to joining MongoDB, Andrew was the Director of Marketing at Conjur, an infrastructure security startup. Before Conjur, Andrew spent nearly 5 years at HubSpot in a variety of customer-focused roles.