MongoDB Achieves Two Key Security Benchmarks
New York City, New York – June 10, 2019 - MongoDB, Inc. (NASDAQ: MDB), the leading, modern general purpose database platform, today announced it has achieved two security benchmarks that further the company’s commitment to providing customers industry-best security capabilities.
The global cloud database, MongoDB Atlas, has been recommended for ISO/IEC 27001:2013 accredited registration, recognizing the company’s commitment to providing customers with best-practices and comprehensive information security management. Following an extensive audit process, the certification was issued by Schellman & Company LLC, an ANAB and UKAS Accredited Certification Body based in the United States.
ISO/IEC 27001 is a globally recognized standard mandating numerous controls for the establishment, maintenance and certification of an information security management system (ISMS). MongoDB’s ISO/IEC 27001 certification specifies a host of technical, administrative and physical controls designed to secure MongoDB’s own information, as well as customer and employee information within the context of overall business risks. MongoDB received the certification upon its first attempt, showcasing the completeness and rigor of its information security program.
“ISO 27001 certification is one of the strongest signals of a mature information security management system,” said Joel Anderson, Vice President of Technical Operations, MongoDB. “Protecting our customer’s data is a top priority for us, and this achievement further validates why some of the largest companies in the most regulated and sensitive industries work with MongoDB.”
Additionally, MongoDB has received Security Technical Implementation Guide (STIG) approval from the Defense Information Systems Agency (DISA). This approval allows U.S. Department of Defense (DoD) agencies to deploy MongoDB within certain DoD networks. MongoDB is the first non-relational database on the market to earn a STIG.
“This STIG approval is the latest validation that MongoDB is committed to government-grade benchmarks that help ensure workloads can be safely deployed and monitored for even high-risk environments,” said Davi Ottenheimer, Vice President of Trust and Digital Ethics. “Government agencies--as well as our enterprise customers--can make full use of MongoDB’s performance advantages for agile development while knowing they have industry-leading security operations capabilities at their disposal.”
STIGs are the configuration standards for DoD Information Assurance (IA) and IA-enabled devices and systems. Since 1998, DISA has played a critical role enhancing the security posture of DoD's security systems by providing STIGs. STIGs contain technical guidance to "lock down" information systems and software that might otherwise be vulnerable to a malicious computer attack.
MongoDB is the leading modern, general purpose database platform, designed to unleash the power of software and data for developers and the applications they build. Headquartered in New York, MongoDB has more than 14,200 customers in over 100 countries. The MongoDB database platform has been downloaded over 65 million times and there have been more than one million MongoDB University registrations.