
MongoDB Atlas Shared Responsibility Model

MongoDB Atlas is designed to manage foundational security and operational tasks, enabling organizations to focus on application innovation rather than infrastructure management. This is achieved through a shared responsibility model in which both parties have complementary duties to ensure the safety and integrity of the data environment: the provider is responsible for the security and operational integrity of the platform, while the customer is responsible for security, configuration, and management of their specific deployment.

As a modern multi-cloud database, MongoDB Atlas combines a flexible document model with a suite of integrated data services to simplify application development. Engineered for enterprise-grade resiliency, workload isolation, and observability, Atlas is the most effective way to deploy MongoDB. It supports seamless multi-region and multi-cloud configurations across 125+ cloud regions on AWS, Azure, and Google Cloud.

Security is integrated into the core of Atlas through built-in security controls and customizable guardrails. This framework reduces the customer’s burden by handling platform-level complexity while leaving them free to configure the environment for their specific needs. The built-in protections include authentication, authorization, and encryption for data at rest and in transit, as well as automated, zero-downtime security patching. To further protect their environment, customers can enable advanced features such as Queryable Encryption and hardened network protections such as private endpoints and VPC peering. MongoDB also conducts regular security hardening of the Atlas environment, including penetration testing by external security vendors and a security bug bounty program.

Security and Responsibility Model in MongoDB Atlas

Atlas resources are managed through an organization- and project-based hierarchy for streamlined administration. Within this framework, customers are responsible for establishing their initial environment. This includes creating users and roles, selecting one or more cloud providers and regions, and choosing cluster types.

MongoDB maintains an extensive portfolio of global and regional compliance certifications and undergoes frequent independent audits to verify the company’s ongoing commitment to platform security and resilience. Detailed compliance documentation and audit reports are available for review under a non-disclosure agreement (NDA) through the MongoDB Customer Trust Portal. Professional guidance and support are available for customers who want to follow best practices for their specific configurations and policy decisions through MongoDB’s Professional Services.

Cloud Shared Responsibility Model

Achieving a robust security and operational posture is a collaborative effort defined by clear ownership between MongoDB and its customers. The following table provides a transparent breakdown of these responsibilities, distinguishing between the managed platform and infrastructure services provided by MongoDB and the customer's specific configuration and policy decisions.

Security and Data Protection

Atlas Database & cluster access (documentation: Authentication | Authorization)
Customer:
• Design least-privilege access policies and assign user/role privileges
• Select and implement authentication mechanisms appropriate for the environment and access type, preferring secretless, passwordless connectivity through Workforce or Workload Identity Federation, or X.509 certificates
• Securely manage credentials, including rotation and the use of secrets managers
• Perform periodic access reviews to remove stale identities and review custom roles
• Maintain the security of the local development and application environment, including hardening application servers and defending against phishing risks
MongoDB:
• Provide a granular RBAC framework and custom role capabilities
• Maintain the authentication engine supporting OIDC, X.509, AWS IAM, and SCRAM
• Provide audit logs for database authentication and authorization events

Atlas UI & Administration API access (documentation: Authentication | Authorization | Voyage AI)
Customer:
• Manage user access and roles at the Organization and Project levels
• Configure Workforce Identity Federation (SAML 2.0) and mapping of IdP groups to Atlas roles
• Enforce IdP-level security policies, such as MFA and password complexity
• Configure idle and absolute session timeouts
• Regularly audit administrative access and manage API keys and/or service accounts, including Administration and service-specific API keys (e.g., Voyage AI)
MongoDB:
• Maintain platform authentication and a secure framework for managing administrative and integrated service API keys
• Enforce configured session and access controls
• Provide Workforce Identity Federation and MFA integration support
• Provide RBAC for administrative and project-level permissions

Network isolation and connectivity
Customer:
• Configure network connectivity. Options include VPC peering connections, private endpoints, and IP access lists; VPC peering or private endpoints are preferred for the most robust solution
• Configure the IP access list for the Atlas UI and Administration API
• Ensure IP access lists are restrictive; avoid the "allow access from anywhere" (0.0.0.0/0) anti-pattern by using specific CIDR ranges or private endpoints to isolate traffic within a private network
MongoDB:
• Provision peering containers
• Provision private endpoint resources
• Only allow connections to the cluster from entries in the project’s access list

Data encryption in transit
Customer:
• Select the minimum TLS version; TLS 1.2 is the lowest supported version, but TLS 1.3 is recommended for stronger security defaults, faster handshakes, and reduced latency
MongoDB:
• Maintain always-on TLS encryption

Data encryption at rest
Customer:
• Configure and manage Customer-Managed Keys (AWS KMS, Azure Key Vault, Google Cloud KMS), including HSM-backed and "Bring Your Own Key" (BYOK) options
• Configure private networking for encryption keys (AWS/Azure)
• Configure and maintain the identity policies (e.g., AWS IAM Roles, Azure Secretless Auth, GCP Service Accounts) required to securely grant Atlas access to the KMS
MongoDB:
• Maintain always-on AES-256 encryption for all stored data and backups
• Manage default volume-level encryption keys for all clusters
• Provide the integration framework for database-level encryption, including Customer-Managed Keys (CMK) and Transparent Data Encryption (TDE) capabilities

Data encryption in use
Customer:
• Implement and configure Queryable Encryption and/or Client-Side Field-Level Encryption (CSFLE)
• Provision and manage encryption keys in a supported cloud KMS (AWS, Azure, Google Cloud)
• Manage application-side driver configuration and encryption logic
• Implement secure secret management and follow architectural best practices for fetching encryption keys when configuring application-side drivers for Queryable Encryption
MongoDB:
• Provide Queryable Encryption and CSFLE technology and shared libraries, enabling customers to perform expressive queries on encrypted data without server-side decryption
• Provide drivers and tools that automate encryption/decryption and KMS communication

Granular auditing
Customer:
• Enable and configure granular database auditing for clusters (M10+), including defining custom audit filters for specific actions or users
• Monitor the Activity Feed for administrative and configuration changes at the Organization and Project levels
• Export and manage logs in external monitoring or SIEM platforms for long-term retention and analysis
MongoDB:
• Provide an Activity Feed that captures key control plane events, such as user invitations, project creations, and configuration changes
• Deliver granular database auditing to capture cluster activity, including schema changes (DDL), data modifications (DML), and permission updates (DCL)
• Maintain logs for all authentication attempts and provide access via the Atlas UI, CLI, and Administration API

Security patches and maintenance (documentation: Maintenance | Security contact)
Customer:
• Set the maintenance window
• Set protected hours
• Specify a designated Atlas security contact to receive security-related notifications
MongoDB:
• Manage comprehensive platform maintenance and lifecycle updates, including OS/agent upgrades, certificate rotations, minor version upgrades, and new feature rollouts
• Apply security patches, including the ability to override maintenance windows for emergency updates to mitigate critical risks
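As an added example (not MongoDB's own tooling) of the access-list review the network row above calls for, the script below scores each entry of a project IP access list: the 0.0.0.0/0 (or ::/0) anti-pattern is critical, a CIDR broader than an assumed /24 (IPv4) or /64 (IPv6) threshold is medium, and security-group and expiring entries are flagged for follow-up. The input shape, a `results` array of entries carrying `cidrBlock`, `ipAddress` or `awsSecurityGroup` the way `atlas accessLists list -o json` prints them, is an assumption, and the sample list is constructed:

```python
"""Review an Atlas project IP access list for over-broad entries.

Added example (not MongoDB's own tooling). The sample below is constructed by
hand in the shape this script assumes for `atlas accessLists list -o json`
output: a "results" array whose entries carry cidrBlock, ipAddress or
awsSecurityGroup, plus optional comment and deleteAfterDate fields.
"""
from __future__ import annotations

import ipaddress
import json
from dataclasses import dataclass

# Constructed sample data; not a real project's access list.
SAMPLE_ACCESS_LIST = json.dumps({
    "results": [
        {"cidrBlock": "0.0.0.0/0", "comment": "temporary dev access"},
        {"cidrBlock": "10.20.0.0/16", "comment": "corp VPC"},
        {"ipAddress": "203.0.113.7", "comment": "CI runner"},
        {"cidrBlock": "198.0.0.0/8", "comment": "legacy office ranges"},
        {"awsSecurityGroup": "sg-0123456789abcdef0", "comment": "peered app security group"},
        {"cidrBlock": "192.0.2.0/24", "deleteAfterDate": "2025-01-31T00:00:00Z",
         "comment": "vendor audit"},
    ]
})

# Broadest prefix accepted without comment, per address family (assumed policy).
BROADEST_ALLOWED = {4: 24, 6: 64}
SEVERITY_ORDER = {"critical": 3, "medium": 2, "info": 1}


@dataclass
class Finding:
    entry: str
    severity: str  # "critical", "medium" or "info"
    reason: str


def _network(entry: dict) -> ipaddress.IPv4Network | ipaddress.IPv6Network | None:
    """Network an entry grants access from, or None for a security-group entry."""
    raw = entry.get("cidrBlock") or entry.get("ipAddress")
    if raw is None:
        return None
    # strict=False tolerates host bits set inside the prefix, as the Atlas UI does.
    return ipaddress.ip_network(raw, strict=False)


def review_access_list(raw_json: str) -> list[Finding]:
    """Flag the 0.0.0.0/0 anti-pattern, over-broad CIDRs and temporary entries."""
    findings: list[Finding] = []
    for entry in json.loads(raw_json)["results"]:
        label = (entry.get("cidrBlock") or entry.get("ipAddress")
                 or entry.get("awsSecurityGroup") or "<unknown>")
        net = _network(entry)
        if net is None:
            findings.append(Finding(label, "info",
                "security-group entry; access depends on the VPC peering staying intact"))
            continue
        if net.prefixlen == 0:
            findings.append(Finding(label, "critical",
                "allows access from anywhere; replace with specific CIDRs or a private endpoint"))
        elif net.prefixlen < BROADEST_ALLOWED[net.version]:
            findings.append(Finding(label, "medium",
                f"/{net.prefixlen} is broader than /{BROADEST_ALLOWED[net.version]}; "
                "narrow the range or move the client behind a private endpoint"))
        if entry.get("deleteAfterDate"):
            findings.append(Finding(label, "info",
                f"temporary entry expiring {entry['deleteAfterDate']}; confirm it is still needed"))
    return findings


def worst_severity(findings: list[Finding]) -> str:
    """Highest severity present, or "ok" when the list is clean."""
    if not findings:
        return "ok"
    return max(findings, key=lambda f: SEVERITY_ORDER[f.severity]).severity


if __name__ == "__main__":
    for f in review_access_list(SAMPLE_ACCESS_LIST):
        print(f"[{f.severity:8}] {f.entry:24} {f.reason}")
    print("overall:", worst_severity(review_access_list(SAMPLE_ACCESS_LIST)))
```

To run it against a live project, feed the output of `atlas accessLists list --projectId <id> -o json` to `review_access_list`; a clean list yields no findings and `worst_severity` reports `ok`. A security-group entry is reported as conditional rather than clean on purpose: its reach is whatever the peered VPC admits, which this script cannot see.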
Infrastructure & Operational Excellence

Platform provisioning & governance
Customer:
• Select cloud provider, region, and cluster type/tier
• Define and configure high availability and Disaster Recovery (DR) requirements, including multi-region or multi-cloud deployments, to meet target Recovery Time Objectives (RTO)
• Select MongoDB version and auto-scaling options
• Enable cluster-level safety features such as termination protection and log redaction to prevent accidental data loss or exposure
• Govern the platform footprint by disabling unused services or tools (e.g., Data Explorer, Atlas Charts) to minimize the attack surface according to organizational needs
MongoDB:
• Provision and deploy clusters in a dedicated VPC with appropriate cloud security configurations
• Apply configuration changes without service disruption
• Provide tools to govern cloud provider, region, and tier

Customer data management
Customer:
• Classify and manage data according to internal privacy and compliance policies
• Securely upload and store data using the provided tools and drivers
• Manage the data lifecycle, including retention and deletion requirements
MongoDB:
• Provide a secure platform and tools for encrypted data storage and transfer
• Maintain tenant isolation so that customer data is logically separated across all tiers, with dedicated network-level isolation for M10 and higher clusters

Cloud provider and region selection
Customer:
• Select cloud providers and regions to meet residency, privacy, performance, and availability needs
• Define data placement policies for Global Clusters and zoned sharding
• Ensure compliance with local and international data storage localization regulations
MongoDB:
• Provide global infrastructure across 125+ regions on AWS, Azure, and Google Cloud
• Support Global Clusters and zoned sharding for precise data partitioning and automated routing

Performance troubleshooting (documentation: Performance Advisor | Query Profiler)
Customer:
• Enable/disable Performance Advisor and Query Profiler
• Review and implement performance and architectural recommendations provided by the Atlas Performance Advisor and MongoDB technical experts (e.g., Technical Services or Professional Services)
MongoDB:
• Provide the automated telemetry and analysis engines that identify performance bottlenecks and generate optimization recommendations
• Offer technical expertise and consultative support for complex query and schema optimization through Technical and Professional Services

Monitoring and alerting (documentation: Alerts | Real-Time Performance)
Customer:
• Configure alert thresholds
• Enable the Real-Time Performance Panel
MongoDB:
• Collect monitoring metrics
• Proactively monitor cluster health metrics

Backups
Customer:
• Configure backup policy, copy regions, and retention
• Configure point-in-time restore
MongoDB:
• Operate backups according to policy
• Ensure backup retention according to policy

Online Archive
Customer:
• Enable automatic archival
• Configure archiving rules
• Configure query patterns
MongoDB:
• Provision archival storage and manage the archival data format
• Ensure automatic scalability of the Online Archive federated query engine

How MongoDB Protects Customers and Their Data

While the Shared Responsibility Model defines ownership, the following section provides a detailed look at the specific security controls and architectural standards MongoDB employs to secure the Atlas platform. These capabilities provide transparency into how MongoDB protects the world’s most sensitive workloads. For additional technical insight, refer to MongoDB’s technical and organizational security measures for Atlas.

MongoDB Atlas Security and Resilience Capabilities

Access Control
• Authentication: Maintains a unified platform that secures access through a defense-in-depth approach across all entry points:
  ◦ Atlas UI: Supports Workforce Identity Federation via SAML 2.0 or credentials secured by MFA, including security keys, biometrics, push-based notifications, and OTP apps.
  ◦ Database access: Enables secretless, passwordless connectivity through Workload Identity Federation or Workforce Identity Federation via OIDC. X.509 certificates and SCRAM authentication are also supported.
  ◦ Administration API: Facilitates secure programmatic access via Atlas Service Accounts (OAuth 2.0) with short-lived access tokens, alongside legacy support for API keys using digest authentication. This programmatic foundation powers administration and automation tools, including the Atlas CLI, Terraform Provider, Kubernetes Operator, CloudFormation Resources, and the Atlas Go SDK.
• Authorization: Provides a comprehensive Role-Based Access Control (RBAC) framework featuring built-in and custom roles that can be mapped directly to external identity provider user groups for automated, least-privilege permissioning at the organization, project, and database levels.

Data Protection
• Data encryption: Ensures sensitive information remains secure through automated and customizable encryption controls applied across the entire data lifecycle.
  ◦ Encryption in transit: Secures all traffic between clients, applications, and Atlas with mandatory TLS, using dynamic key generation and exchange during the handshake to derive unique session keys.
  ◦ Encryption at rest: Protects all stored data and backups with AES-256 encryption using default cloud-provider managed volume encryption, which can be further layered with customer-managed keys (AWS, Azure, and Google Cloud). Integrates securely with customer resources such as KMS and S3 using native identity mechanisms (AWS IAM roles, Azure Secretless Auth, and GCP Service Accounts).
  ◦ Encryption in use: Employs industry-first Queryable Encryption to perform expressive queries on encrypted data without server-side decryption, alongside Client-Side Field-Level Encryption for application-side protection.
• Auditing: Provides continuous visibility through always-on authentication tracking and granular database auditing of all DDL, DML, and DCL operations, with logs accessible via the Atlas UI and Administration API for SIEM integration.

Infrastructure Security
• Resource Policies: Enables organization-wide governance through customizable controls that constrain the configuration options available to developers when they create or configure Atlas clusters, keeping all Atlas deployments aligned with internal security and compliance standards.
• Network Security: Strengthens environment perimeters against unauthorized access and data exfiltration through a defense-in-depth approach, including IP allowlisting, VPC peering, and one-way private endpoints (AWS PrivateLink, Azure Private Link, and Google Cloud Private Service Connect).
• Cloud Security: Manages the security of the cloud provider accounts that underpin Atlas using industry-standard cloud security posture management (CSPM) solutions.

Compliance and Risk
• Global & Regional Information Security and Cloud Privacy Standards: Maintains an extensive portfolio of independent third-party certifications and attestations spanning major jurisdictions to ensure the platform meets stringent regulatory and industry-specific requirements worldwide.
  ◦ Global: ISO 27001, ISO 27017, ISO 27018, ISO 9001, SOC 2 Type 2, PCI DSS v4.0.1, and CSA STAR Level 2.
  ◦ United States: FedRAMP Moderate, HIPAA, TX-RAMP, CJIS, and IRS Publication 1075 alignment.
  ◦ European Union: Atlas enables customers to build GDPR-compliant applications and has TISAX, HDS, and ENS High certifications or attestations.
  ◦ Australia: IRAP.
• Risk and Compliance programs: MongoDB maintains robust Risk and Compliance programs in line with industry best practices.
• Training: MongoDB ensures all employees and contractors are continuously trained on the most up-to-date security standards.
• Employee Screening: MongoDB performs industry-standard background checks on all MongoDB employees as well as any third-party contractor with access to Customer Data or MongoDB Systems.

Security Governance & Platform Integrity
A detailed list of the technical and organizational security measures is available. The following are key elements:
• Secure Software Development Practices and Lifecycle: MongoDB has a dedicated security team that scrutinizes Atlas’ software, architecture, and operational practices. The company develops new products and features in a multistage process using industry-standard methodologies that include defined security acceptance criteria and align with NIST and OWASP guidance.
• Security hardening: MongoDB conducts regular security hardening of the Atlas environment, including penetration testing with leading security vendors and a security bug bounty program.

MongoDB Technical Services
• MongoDB support has Service Level Agreements (SLAs) to ensure that support cases are prioritized by severity and handled in a timely manner.
• Provides technical assistance on any issues when requested by customers, including:
  ◦ The MongoDB Atlas service control plane
  ◦ MongoDB clusters managed by Atlas
  ◦ Consultation on query performance or driver issues

MongoDB Professional Services
Provides consultation and acts as an advisor in areas including:
• Schema design and query/index optimization
• Infrastructure and architecture design
• Integration with cloud provider and third-party services
• Data access layer code review
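The auditing capabilities described above (always-on authentication tracking, database auditing of DDL, DML and DCL operations, and log export to a SIEM) only pay off when something consumes the log. The block below is an added example, not MongoDB's code, of the detection logic a SIEM team would run over exported audit lines: a failed-login burst rule keyed on source IP and user, a privileged-role grant rule, and a destructive DDL rule. The events are constructed in the JSON layout of the MongoDB audit log (atype, ts, local, remote, users, roles, param, result); result code 18 is MongoDB's AuthenticationFailed error code, and the privileged-role set and thresholds are assumptions to tune for your environment:

```python
"""Detection rules over MongoDB audit log lines exported from Atlas.

Added example (not MongoDB's code). The events are constructed in the JSON
layout the MongoDB audit log uses (atype, ts, local, remote, users, roles,
param, result); the privileged-role list and thresholds are assumptions a
SIEM team would tune for their own environment.
"""
from __future__ import annotations

import json
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

AUTH_FAILED = 18  # MongoDB error code AuthenticationFailed; result 0 means success
# Roles whose grant deserves a ticket (assumed list; extend for your custom roles).
HIGH_PRIV_ROLES = {"root", "atlasAdmin", "userAdminAnyDatabase", "dbAdminAnyDatabase",
                   "readWriteAnyDatabase", "clusterAdmin"}
DESTRUCTIVE_DDL = {"dropDatabase", "dropCollection"}


@dataclass
class Alert:
    rule: str
    subject: str
    detail: str


def _event(ts: str, atype: str, remote_ip: str, param: dict, result: int = 0,
           actor: str | None = None) -> str:
    """One constructed audit event in the MongoDB audit log JSON layout."""
    return json.dumps({
        "atype": atype, "ts": {"$date": ts},
        "local": {"ip": "10.0.0.5", "port": 27017},
        "remote": {"ip": remote_ip, "port": 51234},
        "users": [{"user": actor, "db": "admin"}] if actor else [],
        "roles": [], "param": param, "result": result,
    })


SCRAM = {"user": "app_user", "db": "admin", "mechanism": "SCRAM-SHA-256"}
# Constructed sample: a short password-guessing burst, a legitimate login, a root
# grant, a dropped database and a harmless read-only user creation.
SAMPLE_AUDIT_LOG = "\n".join([
    _event("2024-05-01T12:00:00.000+00:00", "authenticate", "203.0.113.9", SCRAM, AUTH_FAILED),
    _event("2024-05-01T12:00:04.000+00:00", "authenticate", "203.0.113.9", SCRAM, AUTH_FAILED),
    _event("2024-05-01T12:00:09.000+00:00", "authenticate", "203.0.113.9", SCRAM, AUTH_FAILED),
    _event("2024-05-01T12:00:13.000+00:00", "authenticate", "203.0.113.9", SCRAM, AUTH_FAILED),
    _event("2024-05-01T12:00:17.000+00:00", "authenticate", "203.0.113.9", SCRAM, AUTH_FAILED),
    _event("2024-05-01T12:01:00.000+00:00", "authenticate", "10.20.4.8", SCRAM),
    _event("2024-05-01T12:05:00.000+00:00", "grantRolesToUser", "10.20.4.8",
           {"user": "app_user", "db": "admin", "roles": [{"role": "root", "db": "admin"}]},
           actor="dba"),
    _event("2024-05-01T12:06:00.000+00:00", "dropDatabase", "10.20.4.8", {"ns": "orders"},
           actor="app_user"),
    _event("2024-05-01T12:07:00.000+00:00", "createUser", "10.20.4.8",
           {"user": "reporting", "db": "analytics",
            "roles": [{"role": "read", "db": "analytics"}]}, actor="dba"),
])


def analyze(audit_jsonl: str, fail_threshold: int = 5,
            window: timedelta = timedelta(minutes=5)) -> list[Alert]:
    """Run three rules over newline-delimited audit events and return alerts."""
    alerts: list[Alert] = []
    failures: dict[tuple[str, str], list[datetime]] = defaultdict(list)
    for line in audit_jsonl.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        ts = datetime.fromisoformat(ev["ts"]["$date"])
        atype, param, result = ev["atype"], ev.get("param", {}), ev.get("result", 0)
        src = ev.get("remote", {}).get("ip", "?")
        actor = ",".join(f"{u['user']}@{u['db']}" for u in ev.get("users", [])) or "<unauthenticated>"
        if atype == "authenticate" and result == AUTH_FAILED:
            key = (src, param.get("user", "?"))
            # Sliding window: keep only failures still inside `window`, then add this one.
            recent = [t for t in failures[key] if ts - t <= window] + [ts]
            failures[key] = recent
            if len(recent) == fail_threshold:  # fire once as the threshold is crossed
                alerts.append(Alert("auth_bruteforce", f"{key[1]} from {src}",
                                    f"{fail_threshold} failed logins within {window}"))
        elif atype in {"createUser", "grantRolesToUser", "updateUser"} and result == 0:
            hot = {r["role"] for r in param.get("roles", [])} & HIGH_PRIV_ROLES
            if hot:
                alerts.append(Alert("high_privilege_grant", f"{param['user']}@{param['db']}",
                                    f"{actor} granted {sorted(hot)} via {atype} from {src}"))
        elif atype in DESTRUCTIVE_DDL and result == 0:
            alerts.append(Alert("destructive_ddl", param.get("ns", "?"),
                                f"{actor} ran {atype} from {src}"))
    return alerts


if __name__ == "__main__":
    for a in analyze(SAMPLE_AUDIT_LOG):
        print(f"{a.rule:22} {a.subject:28} {a.detail}")
```

Pair rules like these with a server-side audit filter so that only the event types you act on (authenticate, the user and role management events, and drops) are written, which keeps the volume manageable, and ship the log to a store outside the Atlas project so that someone who has gained project-level access cannot trim their own trail.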

Security and Operational Resources

Explore MongoDB security and operational responsibilities and policies.

Atlas Shared Responsibility Datasheet

A downloadable datasheet version of the information on this page, detailing the security and operational responsibilities for MongoDB and its customers.

Download the datasheet

Technical & Organizational Security Measures

Review the specific technical and organizational measures MongoDB implements to ensure the security and resilience of the Atlas platform.

Read the documentation

Security in the Atlas Well-Architected Framework

Learn to design, deploy, and manage secure Atlas workloads using the architectural best practices in the MongoDB Well-Architected Framework.

Read the guide

Operational Efficiency in the Atlas Well-Architected Framework

Learn to optimize your Atlas deployment for performance and cost using MongoDB’s operational excellence best practices.

Read the guide

Reliability in the Atlas Well-Architected Framework

Learn to build resilient Atlas applications using best practices for high availability, fault tolerance, and disaster recovery.

Read the guide

Trust Center

Access comprehensive details on MongoDB’s security, compliance, and privacy posture, including audit reports and global certifications.

Visit the Trust Center

Customer Trust Portal

Access and download MongoDB’s compliance documentation, including SOC 2 reports, ISO certificates, and third-party audit results.

Access the portal

MongoDB Alerts

Stay informed with critical updates on data integrity, security, and operations through MongoDB’s official alerts and advisory page.

View alerts
