MongoDB Continues Commitment to Security with New ISO and CSA Certifications for Growing Data Platform

MongoDB Atlas, Atlas Data Lake, Charts, and Realm Meet Industry-Leading Compliance Guidelines

NEW YORK – November 4, 2021 – MongoDB, Inc. (NASDAQ: MDB), the leading, modern, general purpose database platform, today announced the company’s certification for compliance with ISO 27017:2015 and ISO 27018:2019 on top of the existing ISO 27001:2013 certification, as well as completion of Cloud Security Alliance (CSA) Security Trust and Risk (STAR) Level 2 certification. Performed by independent third-party auditors for MongoDB Atlas, Atlas Data Lake, Charts, and Realm, these certifications are evidence of the Company’s commitment to meet a stringent set of requirements around security and privacy. These certifications demonstrate the maturity of MongoDB’s processes and programs against the highest international standards and further demonstrate MongoDB’s ongoing commitment to ensure customers’ security and privacy.

  • ISO 27017: Provides guidelines for information security controls applicable to and specific to the provisioning and use of cloud services. MongoDB's ISO 27017:2015 certification demonstrates that the company extends its disciplined Information Security Management System (ISMS) to the operation of its cloud services.

  • ISO 27018: Establishes commonly accepted controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) for the public cloud computing environment. The ISO 27018:2019 certification demonstrates MongoDB's commitment to the privacy of customers' data, and that MongoDB, acting as a processor of its customers' PII data, has implemented controls for protecting PII.

  • CSA STAR Level 2: Issued by Cloud Security Alliance, this certification leverages MongoDB's existing Information Security Management System (ISMS) based on the ISO 27001:2013 certification and demonstrates the maturity of MongoDB’s security program in relation to the CSA Cloud Controls Matrix (CCM).

The certifications come on the heels of MongoDB Atlas for Government achieving the FedRAMP designation of “In-Process”. This status reflects MongoDB’s continued progress toward a FedRAMP Authorized modern data platform for the U.S. Government. Earlier this year, MongoDB Atlas for Government achieved the designation of FedRAMP Ready.

“These accreditations are further proof of our commitment to deliver the highest levels of standards and regulatory compliance as part of our ongoing mission to address the most demanding security and privacy requirements of our customers,” said Sahir Azam, Chief Product Officer of MongoDB. “Enterprise customers—as well as government agencies—entrust MongoDB Cloud Services with sensitive application and user data. Our customers can continue to make full use of MongoDB's advantages for agile development while having peace of mind knowing they have industry-leading security operations’ capabilities at their disposal.”

For additional information on MongoDB’s commitment to security, please visit:

About MongoDB

MongoDB is the leading modern, general purpose database platform, designed to unleash the power of software and data for developers and the applications they build. Headquartered in New York, MongoDB has more than 29,000 customers in over 100 countries. The MongoDB database platform has been downloaded over 200 million times and there have been more than 1.5 million registrations for MongoDB University courses.

Investor Relations

Brian Denyeau

ICR for MongoDB


Media Relations

Matt Trocchio