Hi @Deepak_Maharana ,
Remote access to a MongoDB deployment is determined by Access Control including authentication and Role-Based access. With access control properly configured, a remote client must present valid credentials in order to remotely view or manipulate data in your deployment.
Encryption at rest refers to the underlying data files, not remote connections. If someone had a physical copy of data files (for example, from a backup of your MongoDB deployment) the files would not be decipherable without the private encryption key.
Network encryption encrypts data in transit to and from your MongoDB deployment.
All of the above security measures are separately configured, but complementary as part of a well secured deployment. The Security Checklist mentions a few other measures including limiting network exposure via firewalls and VPNs.
To summarise, you can configure:
- Role-Based Access Control to limit remote access to your deployment
- Network Encryption to securely communicate with your deployment
- Encryption at Rest to prevent access to the raw data files
- Limited Network Exposure via network and O/S configuration
- (optionally) Queryable Encryption to encrypt sensitive fields within documents
Regards,
Stennie