MongoDB today announced the availability of MongoDB Queryable Encryption at the MongoDB.local Chicago developer conference. The technology aims to help companies protect sensitive data when it is queryed and used on MongoDB.
It reduces the risk of data theft for businesses and improves developer productivity. Built-in encryption capabilities protect highly sensitive operations, such as searching employee records, processing financial transactions, or analyzing medical records, without the need for encryption skills.
The volume of data and the complexity of applications are increasing
Companies face an increasing number of regulations that protect personal information, personal health information, and other sensitive data. To ensure data protection compliance, companies use encryption techniques that make confidential information unreadable through encryption algorithms using a secret key. It can only be decrypted and made readable again with an additional securely managed key.
“Privacy is critical to any business as the volume of data being generated grows, the complexity of modern applications continues to increase, and regulatory demands for privacy increase,” said Saher Azzam, Chief Product Officer, MongoDB. “With MongoDB Queryable Encryption, customers can protect their data and reduce risk with state-of-the-art encryption – all with easy-to-use functionality that developers can quickly integrate into applications.”
Easier to work with encrypted data
Working with encrypted data while using it on the fly is a challenge. However, organizations working with highly sensitive data will want and need to encrypt it throughout its lifecycle – including during querying. Until now, this was only possible with the help of highly specialized teams with extensive coding knowledge.
With MongoDB Queryable Encryption, customers should now be able to more easily encrypt sensitive workloads during processing and consumption for use cases in highly regulated or privacy-sensitive industries such as financial services, healthcare, government, and critical infrastructure. To do this, they must identify which fields in MongoDB databases contain sensitive data and which must be encrypted during use.
Protection from cyber attacks
An authorized end user of a financial services firm needs to inquire about records containing the customer’s account number. When configured with MongoDB Queryable Encryption, query content and account field data remain encrypted as they are transmitted over the network, while stored in the database, and while the query processes data. Once queried, the data becomes visible only to the authorized end user who has a customer-controlled digital security key. This prevents accidental data disclosure or extraction by cyber criminals.
Facilitate the work of developers
With MongoDB Queryable Encryption, developers can now implement the first encryption technology of its kind. MongoDB Cryptography Research Group developed the underlying encryption technology and made it open source. Companies can freely display the cryptographic techniques and code behind the technology.
MongoDB Queryable Encryption can be used with Key Management Interoperability Protocol (KMIP) compliant cryptographic key management services. These include AWS Key Management Service, Microsoft Azure Key Vault, Google Cloud Key Management Service, and more. The general availability of MongoDB Queryable Encryption initially affects support for so-called “equality queries”. Additional query types (such as range, prefix, suffix, and substring) will be available in future releases.
“Certified tv guru. Reader. Professional writer. Avid introvert. Extreme pop culture buff.”
More Stories
Remotely controlled cargo ships coming soon on the Elbe Canal?
Siemens technology makes Baden Canton Hospital smart
Discovering an ancient Mayan city – what do the rainforests hide?