Simplified Encryption & Key Management
For MongoDB
Presenter: Patrick Townsend
▪ CEO of Townsend Security
▪ Leading data security expert
▪ 30 years IT industry experience
Presentation Agenda
▪ Encryption and importance of key management
▪ Meeting compliance requirements
▪ Key management best practices
▪ Encryption and key management in MongoDB
▪ Resource guide
Breaches Happen
▪ Equifax, River City Media, Yahoo! – just this year!
▪ Hackers don’t just target credit cards
▪ Email addresses, phone numbers, etc. can be considered PII
MongoDB is a repository for LOTS of PII
Why is Key Management Important?
▪ Encryption keys are THE secret that must be protected (not the algorithm)
▪ There are industry standards and best practices for key management (FIPS 140-2)
▪ Compliance regulations (PCI, HIPAA, etc.) require proper key management
▪ Achieve Separation of Duties (SOD)
▪ Separate encryption control and ownership from the cloud provider
▪ aka Key Custody
MongoDB highly recommends the use of a Key Manager to secure your
encrypted MongoDB data!
Impacts of Encryption
Performance – Expect a 2-20% overhead
Backup and Restore Operations – Can take longer as information
is encrypted
High Availability – In the event of an interruption, you need to
easily restore your keys from a backup key management solution
High Availability (HA) & Disaster Recovery
▪ Manage encryption keys from a centralized location
▪ Secure and authenticated TLS sessions for administrators
▪ Manage local and remote key servers
Key Mirroring
▪ Real-time mirroring of encryption keys and access policy
▪ Active-Active mirroring for failover
▪ Secure, authenticated server-to-server connections
▪ One-to-Many, Many-to-Many
Key Management Best Practices
▪ Ensure origin and quality of keys
▪ Use accepted and standards-based encryption algorithms
▪ Ensure that keys are securely backed up, at all times
▪ Implement strong authentication mechanisms
▪ Protect and restrict access to encryption keys
Encryption and Key Management in the Cloud
Challenges, Best Practices & What to Know:
▪ Cloud provider is NOT responsible for YOUR breach (read the SLA)
▪ Public vs. Private Cloud (managing multi-tenancy)
▪ Business recovery – Production and High Availability
▪ Geographic redundancy for key management services
▪ Key custody: Who has access to your keys?
MongoDB Enterprise Encryption – Done Right
▪ Encryption built right into the MongoDB database
▪ Strong 256-bit AES encryption
▪ Good performance with documented guidance
▪ Getting encryption key management right with KMIP
▪ Certifying key management vendors
▪ Good security guidance provided to developers
You don’t need a 3rd party encryption solution
Key Management for MongoDB
Introduction to Alliance Key Manager
This is amazingly easy!
Launch Alliance Key Manager in AWS
Locate and Select Alliance Key Manager in AWS Marketplace
Select a memory/storage family
Create new access key pair for AKM and download
Launch AKM instance
Complete! Alliance Key Manager is now an active instance
Configure Alliance Key Manager
SSH to AKM to configure the key manager, generate keys and
certificates
Configure the key manager, generate keys and certificates
AKM Admin console: Get the key name and information
SSH: Get the certificates from AKM
Configure MongoDB for Key Management
Install certificates on the MongoDB server
Create a new directory to hold the certificates, copy to the new directory, set ownership and
permissions
sudo mkdir /etc/mongodb-kmip
Use FileZilla, SCP or a similar application to upload the AKMClientAndKey.pem and
AKMRootCACertificate.pem files to this directory.
sudo chown -R mongodb:mongodb /etc/mongodb-kmip
cd /etc/mongodb-kmip
sudo chmod -R 600 *
Modify the <hosts> file to add the key manager
Use nano or your favorite text editor to change the hosts file to add the key server
sudo nano /etc/hosts
Now let’s configure the <mongod.conf> file for key management
Launch MongoDB With Encryption Enabled
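A preflight check for the setup steps above, added here as an example (it is not from the slides, Townsend Security or MongoDB): it reads the security.kmip settings from mongod.conf, confirms the key server name has an entry in the hosts file, and confirms the certificate files grant nothing to group or other. The host name akm.example.internal, the address 10.0.0.25 and all function names are assumptions, and the sample files are constructed.

```shell
#!/bin/sh
# Added example: preflight check for the KMIP client setup on the MongoDB server.
# Matching is line-based; this is not a YAML parser (quoted values are not handled).

# Print the value of the first "key: value" line in a mongod.conf-style file.
conf_value() {
    sed -n "s/^[[:space:]]*$1:[[:space:]]*\(.*[^[:space:]]\)[[:space:]]*\$/\1/p" "$2" | head -n 1
}

# Succeed only if the file exists and its mode grants nothing to group or other
# (the result of the slide's "chmod -R 600 *").
private_file() {
    [ -f "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Succeed if NAME appears as a host name on a non-comment line of a hosts file.
hosts_has() {
    awk -v h="$1" '$1 !~ /^#/ {
        for (i = 2; i <= NF; i++) { if ($i ~ /^#/) break; if ($i == h) found = 1 }
    } END { exit !found }' "$2"
}

note() { echo "PROBLEM: $*"; problems=$((problems + 1)); }

# kmip_preflight CONF HOSTS: print each problem found, return non-zero if any.
kmip_preflight() {
    conf=$1 hosts=$2 problems=0
    [ "$(conf_value enableEncryption "$conf")" = "true" ] ||
        note "security.enableEncryption is not true"
    server=$(conf_value serverName "$conf")
    if [ -z "$server" ]; then note "security.kmip.serverName is not set"
    elif ! hosts_has "$server" "$hosts"; then note "$server has no entry in $hosts"
    fi
    for key in serverCAFile clientCertificateFile; do
        path=$(conf_value "$key" "$conf")
        if [ -z "$path" ]; then note "security.kmip.$key is not set"
        elif ! private_file "$path"; then note "$path is missing or open to group/other"
        fi
    done
    [ "$problems" -eq 0 ]
}

# Write constructed sample files into directory $1 (stand-ins for /etc/mongodb-kmip,
# /etc/hosts and mongod.conf; the .pem files are empty placeholders).
make_sample() {
    d=$1
    : > "$d/AKMRootCACertificate.pem"; : > "$d/AKMClientAndKey.pem"
    chmod 600 "$d"/*.pem
    printf '127.0.0.1 localhost\n10.0.0.25 akm.example.internal\n' > "$d/hosts"
    cat > "$d/mongod.conf" <<EOF
storage:
  dbPath: /var/lib/mongodb
security:
  enableEncryption: true
  kmip:
    serverName: akm.example.internal
    port: 5696
    serverCAFile: $d/AKMRootCACertificate.pem
    clientCertificateFile: $d/AKMClientAndKey.pem
EOF
}

# Demo: a correct setup passes; loosening the client key file's mode fails.
demo_dir=$(mktemp -d)
make_sample "$demo_dir"
kmip_preflight "$demo_dir/mongod.conf" "$demo_dir/hosts" && echo "preflight OK"
chmod 644 "$demo_dir/AKMClientAndKey.pem"
kmip_preflight "$demo_dir/mongod.conf" "$demo_dir/hosts" || echo "preflight failed"
rm -rf "$demo_dir"
```

On a real server the call would be kmip_preflight /etc/mongod.conf /etc/hosts, run as a user that can read /etc/mongodb-kmip.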
Community or Enterprise?
▪ Advanced security
▪ Encryption and key management
▪ Advanced audit
▪ Advanced memory management
Advanced Topics
▪ MongoDB migration – Unencrypted to Encrypted
▪ Business Continuity and Hot Failover
▪ Production and HA key mirroring
▪ Using a Load Balancer
▪ Hybrid deployments – On-Premise, cross-cloud
▪ VMware, Hardware Security Module (HSM), etc.
Townsend Security + MongoDB
▪ Formerly certified key management with MongoDB security team
▪ Certified on Intel and IBM Power systems
▪ Joined MongoDB Partner Advisory Council
▪ Key management pricing to match MongoDB model
▪ Lowering the barriers to security!
▪ Customer support for MongoDB key management deployment
MongoDB Upgrades and Options
▪ Upgrading from MongoDB Community Edition?
▪ We can bring a MongoDB Expert to help with sizing, planning, and migration
▪ Considering IBM Power Linux?
▪ We can bring a Power Linux Expert to help with sizing, pricing, and deployment
▪ Full support for Nutanix!
▪ Great for high performance, on-premise MongoDB deployments
Evaluations are Easy
▪ No-charge evaluation process
▪ Rapid deployment
▪ Full customer support during evaluation period
▪ Fully functional key management
Resources
Townsend Security documentation for MongoDB:
http://docs.townsendsecurity.com/akm_guide_for_mongodb_enterprise_edition/#top
Townsend Security documentation for AKM in AWS:
http://docs.townsendsecurity.com/akm_for_aws_quick_start_guide/#top
MongoDB Enterprise installation:
https://docs.mongodb.com/manual/tutorial/install-mongodb-enterprise-on-ubuntu/#install-mongodb-enterprise
MongoDB Security Blog post:
https://www.mongodb.com/blog/post/update-how-to-avoid-a-malicious-attack-that-ransoms-your-data
MongoDB Security Checklist:
https://docs.mongodb.com/manual/administration/security-checklist/
MongoDB Encryption at Rest:
https://docs.mongodb.com/manual/core/security-encryption-at-rest/
Resources
Corporate Headquarters
724 Columbia St NW, Suite 400
Olympia, WA 98501
Phone:
360 359 4400
Online:
townsendsecurity.com
@townsendsecure
Any Questions?
Patrick Townsend
patrick.townsend@townsendsecurity.com
@patricksecurity

 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 

Simplified Encryption and Key Management

  • 1. Simplified Encryption & Key Management For MongoDB
  • 2. Presenter: Patrick Townsend ▪ CEO of Townsend Security ▪ Leading data security expert ▪ 30 years IT industry experience
  • 3. Presentation Agenda ▪ Encryption and importance of key management ▪ Meeting compliance requirements ▪ Key management best practices ▪ Encryption and key management in MongoDB ▪ Resource guide
  • 4. Breaches Happen ▪ Equifax, River City Media, Yahoo! – just this year! ▪ Hackers don’t just target credit cards ▪ Email addresses, phone numbers, etc. can be considered PII MongoDB is a repository for LOTS of PII
  • 5.
  • 6. Why is Key Management Important? ▪ Encryption keys are THE secret that must be protected (not the algorithm) ▪ There are industry standards and best practices for key management (FIPS 140-2) ▪ Compliance regulations (PCI, HIPAA, etc.) require proper key management ▪ Achieve Separation of Duties (SOD) ▪ Separate encryption control and ownership from the cloud provider ▪ aka Key Custody MongoDB highly recommends the use of a Key Manager to secure your encrypted MongoDB data!
  • 7. Impacts of Encryption Performance – Expect a 2-20% overhead Backup and Restore Operations – Can take longer as information is encrypted High Availability – In the event of an interruption, you need to easily restore your keys from a backup key management solution
  • 8. High Availability (HA) & Disaster Recovery ▪ Manage encryption keys from a centralized location ▪ Secure and authenticated TLS sessions for administrators ▪ Manage local and remote key servers Key Mirroring ▪ Real-time mirroring of encryption keys and access policy ▪ Active-Active mirroring for failover ▪ Secure, authenticated server-to-server connections ▪ One-to-Many, Many-to-Many
  • 9. Key Management Best Practices ▪ Ensure origin and quality of keys ▪ Use accepted and standards-based encryption algorithms ▪ Ensure that keys are securely backed up, at all times ▪ Implement strong authentication mechanisms ▪ Protect and restrict access to encryption keys
  • 10. Encryption and Key Management in the Cloud Challenges, Best Practices & What to Know: ▪ Cloud provider is NOT responsible for YOUR breach (read the SLA) ▪ Public vs. Private Cloud (managing multi-tenancy) ▪ Business recovery – Production and High Availability ▪ Geographic redundancy for key management services ▪ Key custody: Who has access to your keys?
  • 11. MongoDB Enterprise Encryption – Done Right ▪ Encryption built right into the MongoDB database ▪ Strong 256-bit AES encryption ▪ Good performance with documented guidance ▪ Getting encryption key management right with KMIP ▪ Certifying key management vendors ▪ Good security guidance provided to developers You don’t need a 3rd party encryption solution
  • 12. Key Management for MongoDB Introduction to Alliance Key Manager This is amazingly easy!
  • 13. Launch Alliance Key Manager in AWS
  • 14. Locate and Select Alliance Key Manager in AWS Marketplace
  • 16. Create new access key pair for AKM and download
  • 18. Complete! Alliance Key Manager is now an active instance
  • 20. SSH to AKM to configure the key manager, generate keys and certificates
  • 21. Configure the key manager, generate keys and certificates
  • 22. Configure the key manager, generate keys and certificates
  • 23. Configure the key manager, generate keys and certificates
  • 24. AKM Admin console: Get the key name and information
  • 25. SSH: Get the certificates from AKM
  • 26. Configure MongoDB for Key Management
  • 27. Install certificates on the MongoDB server. Create a new directory to hold the certificates, copy the certificates into it, and set ownership and permissions:
      sudo mkdir /etc/mongodb-kmip
      Use FileZilla, SCP or a similar application to upload the AKMClientAndKey.pem and AKMRootCACertificate.pem files to this directory.
      sudo chown -R mongodb:mongodb /etc/mongodb-kmip
      cd /etc/mongodb-kmip
      sudo chmod -R 600 *
  • 28. Modify the <hosts> file to add the key manager. Use nano or your favorite text editor to change the hosts file to add the key server:
      sudo nano /etc/hosts
  • 29. Now let’s configure the <mongod.conf> file for key management
  • 30. Launch MongoDB With Encryption Enabled
  • 31. Community or Enterprise ? ▪ Advanced security ▪ Encryption and key management ▪ Advanced audit ▪ Advanced memory management
  • 32. Advanced Topics ▪ MongoDB migration – Unencrypted to Encrypted ▪ Business Continuity and Hot Failover ▪ Production and HA key mirroring ▪ Using a Load Balancer ▪ Hybrid deployments – On-Premise, cross-cloud ▪ VMware, Hardware Security Module (HSM), etc.
  • 33. Townsend Security + MongoDB ▪ Formerly certified key management with MongoDB security team ▪ Certified on Intel and IBM Power systems ▪ Joined MongoDB Partner Advisory Council ▪ Key management pricing to match MongoDB model ▪ Lowering the barriers to security! ▪ Customer support for MongoDB key management deployment
  • 34. MongoDB Upgrades and Options ▪ Upgrading from MongoDB Community Edition? ▪ We can bring a MongoDB Expert to help with sizing, planning, and migration ▪ Considering IBM Power Linux? ▪ We can bring a Power Linux Expert to help with sizing, pricing, and deployment ▪ Full support for Nutanix! ▪ Great for high performance, on-premise MongoDB deployments
  • 35. Evaluations are Easy ▪ No-charge evaluation process ▪ Rapid deployment ▪ Full customer support during evaluation period ▪ Fully functional key management
  • 36. Resources
      Townsend Security documentation for MongoDB: http://docs.townsendsecurity.com/akm_guide_for_mongodb_enterprise_edition/#top
      Townsend Security documentation for AKM in AWS: http://docs.townsendsecurity.com/akm_for_aws_quick_start_guide/#top
      MongoDB Enterprise installation: https://docs.mongodb.com/manual/tutorial/install-mongodb-enterprise-on-ubuntu/#install-mongodb-enterprise
  • 37. Resources
      MongoDB Security Blog post: https://www.mongodb.com/blog/post/update-how-to-avoid-a-malicious-attack-that-ransoms-your-data
      MongoDB Security Checklist: https://docs.mongodb.com/manual/administration/security-checklist/
      MongoDB Encryption at Rest: https://docs.mongodb.com/manual/core/security-encryption-at-rest/
  • 38. Corporate Headquarters 724 Columbia St NW, Suite 400 Olympia, WA 98501 Phone: 360 359 4400 Online: townsendsecurity.com @townsendsecure Any Questions? Patrick Townsend patrick.townsend@townsendsecurity.com @patricksecurity
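
Slides 27 to 30 install the AKM client certificates and point mongod.conf at the key manager. The script below is an added example, not part of the presentation or of Townsend Security's documentation: it audits that setup for loose certificate permissions and missing KMIP settings. The host name `akm.example.internal`, the port value and the function names are assumptions; `security.enableEncryption` and the `security.kmip.*` keys are MongoDB Enterprise configuration options.

```shell
#!/bin/sh
# Added example: audit a MongoDB KMIP client setup (host and paths are assumptions).

# Print a sample security section for mongod.conf (constructed; the host name
# is a placeholder and 5696 is the default KMIP port). $1 = certificate directory.
sample_conf() {
  cat <<EOF
security:
  enableEncryption: true
  kmip:
    serverName: akm.example.internal
    port: 5696
    serverCAFile: $1/AKMRootCACertificate.pem
    clientCertificateFile: $1/AKMClientAndKey.pem
EOF
}

# audit_kmip CERT_DIR CONF_FILE
# Prints one line per finding; returns 0 when clean, 1 otherwise.
audit_kmip() {
  dir=$1 conf=$2 bad=0
  # 1. Private key material must not be accessible to group or other.
  for f in "$dir"/*.pem; do
    [ -f "$f" ] || { echo "no .pem files in $dir"; bad=1; break; }
    # Characters 5-10 of the ls mode string are the group/other bits.
    if [ "$(ls -ld "$f" | cut -c5-10)" != "------" ]; then
      echo "too permissive: $f"; bad=1
    fi
  done
  # 2. Encryption at rest must be switched on explicitly.
  grep -Eq '^[[:space:]]*enableEncryption:[[:space:]]*true[[:space:]]*$' "$conf" \
    || { echo "enableEncryption is not true"; bad=1; }
  # 3. Each KMIP setting must be present; file settings must name real files.
  for key in serverName serverCAFile clientCertificateFile; do
    val=$(sed -n "s/^[[:space:]]*$key:[[:space:]]*//p" "$conf" | head -n 1)
    if [ -z "$val" ]; then
      echo "missing kmip.$key"; bad=1
    elif [ "$key" != serverName ] && [ ! -f "$val" ]; then
      echo "kmip.$key points at a missing file: $val"; bad=1
    fi
  done
  return $bad
}
```

Run it as `audit_kmip /etc/mongodb-kmip /etc/mongod.conf` after sourcing the file; the configuration check is a line match, not a YAML parser, so it expects one setting per line as in the sample.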

Editor's Notes

  1. To do: Describe difference between Community and Enterprise Editions of MongoDB.