NewMongoDB Atlas integrations for AWS CloudFormation and CDK are now generally available! Learn more

MONGODB SECURITY

Strong Security Defaults. Protect your workloads confidently

Protect your data with strong security defaults on the MongoDB developer data platform. Meet stringent requirements with robust operational and security controls.
Try Free
Contact sales
An illustration of a padlock surrounded by secure apps and data.
MongoDB offers built-in security controls for all your data – with databases managed in a customer environment or MongoDB Atlas, a fully-managed cloud service. MongoDB enables enterprise-grade security features and simplifies deploying and managing your databases.
general_security_federated_identity

realm_user_authorization

general_action_audit

general_security_encryption

cloud_private_link

mdb_workload_isolation

MongoDB Security

Database with built-in security controls and enterprise-grade security features
An illustration of a secure database with locked data.
general_security_federated_identitygeneral_security_federated_identity

Authentication

Authenticate to Atlas UI with your Atlas credentials or single sign-on with your GitHub or Google accounts. Atlas also supports multi-factor authentication (MFA) with various options including OTP authenticators, push notifications, FIDO2 (hardware security keys or biometrics), SMS, and e-mail.

Authenticate to MongoDB database using mechanisms including SCRAM, x.509 certificates, LDAP, passwordless authentication with AWS-IAM and OpenID Connect support (in preview).
Learn about Atlas UI Authentication
Learn about Database Authentication

An illustration of cloud application with keyhole and mobile phone with hand accessing through a fingerprint scan.
realm_user_authorizationrealm_user_authorization

Authorization

Atlas provides Role-Based Access Control (RBAC) to manage all cloud resources, including MongoDB deployments. In Atlas, a user can be granted one or more roles that determine the user's access privilege to an Atlas Organization and a Project. A user can also be granted fine-grained database roles for database operations. With identity federation, you can manage access to Atlas via your identity provider groups and Atlas roles using group-role mappings.

MongoDB database has an extensive RBAC for performing specific actions on database(s) and collection(s).
Learn about RBAC (Atlas)
Learn about RBAC (Enterprise)

An illustration of documents being audited for unauthorized access.
general_action_auditgeneral_action_audit

Auditing

MongoDB offers granular auditing that monitors actions in your MongoDB environment and is designed to prevent and detect any unauthorized access to data, including create, read, update, and delete (CRUD) operations, encryption key management, authentication, and role-based access controls, replication, and sharding cluster operations.Learn about Auditing (Atlas)
Learn about Auditing (Enterprise)

An illustration of a padlock and key set surrounded by code brackets.
general_security_encryptiongeneral_security_encryption

Data Encryption

MongoDB data encryption offers robust features to protect your data while in-transit (network), at-rest (storage), and in-use (memory, logs). Customers can use automatic encryption of key data fields like PII, PHI, or any data deemed sensitive — ensuring data is encrypted throughout its lifecycle.Learn more

An illustration of arms and hands typing on desktop computer with floating application window and padlock.
cloud_private_linkcloud_private_link

Network Security

Atlas offers many options to securely access your data with dedicated clusters deployed in a unique Virtual Private Cloud (VPC) to isolate your data and prevent inbound network access from the internet.

Allow just a one-way connection from your AWS, Azure, or Google Cloud VPC/VNet to Atlas Clusters via Private Endpoints. You can enable peering between your MongoDB Atlas VPC or VNet to your own dedicated application tier virtual private network with the cloud provider of your choice or enable only specific network segments to connect to your Atlas clusters via IP Access list.
Learn more

An illustration of a padlock over 3 data documents.
mdb_workload_isolationmdb_workload_isolation

Data Sovereignty

Atlas databases are available in 100+ regions across AWS, Google Cloud, and Azure. Store your data across any of the regions. Take advantage of multi-cloud and multi-region deployments, allowing you to target the providers and regions that best serve your users. Zoned sharding is available to Atlas customers as part of the fully-managed cloud service to support location-aware storage and database operations for globally distributed application instances and clients.Learn more
Featured Resources
general_security_secure_by_default

Trust Center

Learn more about our strong security controls, regulatory compliance, reliability, and high availability.

enterpriseadvanced_security

Atlas security controls

Learn more about the Atlas security controls and resiliency of the systems and technology that we maintain.

general_security_encryption

Data encryption

Details on MongoDB data encryption technologies and benefits.

general_security_privacy

Data masking

Learn more about we can obfuscate the original data so it can’t easily be tracked back to its initial value.

cloud_global

Atlas shared responsibility model

This datasheet outlines the customer and MongoDB's shared responsibility in securing the MongoDB Atlas​​.

general_action_best_practices

Technical and Organizational Security Measures (TOSMs)

Learn more about security best practices, features, processes and controls applicable to MongoDB Atlas.

cloud_manager

Compliance

Learn about the certifications and attestations that MongoDB developer data platform goes through to meet the unique compliance needs.

general_features_list

Database security features

Learn about features like authentication, RBAC, data masking, encryption, auditing and more.

Build applications with confidence on MongoDB

Make the most of our developer data platform that provides strong security default settings
atlas_product_family

MongoDB Atlas

An integrated suite of cloud database and data services to accelerate and simplify how you build with data.

atlas_for_gov-1

MongoDB Atlas for Government

Meet the security and privacy needs of the U.S. government and agencies with a dedicated FedRAMP® Moderate Authorized environment.

“We credit MongoDB as one of our trusted partners behind the scenes for helping SHOPLINE rise up to become Asia’s largest online and offline smart commerce company, adhering to the highest standards of security and compliance as we continue to grow and take advantage of new opportunities.”
Ian Chan
Engineering director at SHOPLINE
Read the whole story
“MongoDB has helped us transform how we automate security compliance in the cloud and has gone a long way to making the process effortless.”
Matt Gravlin
Principal software engineer, Intuit
“I became much more interested in MongoDB Atlas as we scaled in order to take away the stress of worrying about infrastructure, security, and resilience. After all, we're here to provide benefits to a nation not to run database clusters.”
Patrick Downey
Head of platforms, DWP

Secure your applications on MongoDB

With strong controls, regulatory compliance, and technical measures on a trusted MongoDB developer data platform.
Try AtlasContact sales
PROTECT YOUR DATA CONFIDENTLY:
  • Strong security controls
  • Network isolation
  • Data encryption
  • Granular control access
  • Trusted data platform