MongoDB provides various features, such as authentication, access control, encryption, to secure your MongoDB deployments. Some key security features include:
MongoDB also provides the Security Checklist for a list of recommended actions to protect a MongoDB deployment.
MongoDB Atlas, the fully managed service for MongoDB deployments in the cloud, comes preconfigured with secure default settings. Atlas also provides the following key security features:
Authentication and Authorization
In Atlas, you configure database users to access your deployments. Atlas provides various ways to perform user authentication and authorization, including LDAP, OIDC, and X.509. To learn more, see Configure Authentication and Authorization.
By default, Atlas encrypts all data stored in your deployments and uses TLS/SSL to encrypt the connections to your databases. To add another layer of security, you can configure Encryption at Rest using Customer Key Management.
IP Access List
Atlas allows connections only from addresses specified in the IP access list. To learn how to manage client connections in Atlas, see Configure IP Access List Entries.
Cloud Provider Support
For a full list of security features in Atlas, see Security Features for Database Deployments.