Encryption at Rest
Learn how to encrypt MongoDB data at rest using customer-managed encryption keys (BYOK). Understand how to integrate key management systems (KMS) and configure encryption policies to enhance security and compliance.
|
Upon completion of the Encryption at Rest skill and skill check, you will earn a Credly Badge that you are able to share with your network. |
Learning Objectives
Identify and implement MongoDB's encryption at rest solutions
Learn how Encryption at Rest works and the different options available in MongoDB.
Enable Encrypted Storage Engine in Enterprise Advance deployments
Configure the Key Management Interoperability Protocol (KMIP) and enable Encrypted Storage Engine.
Configure Encrypted Storage Engine using Cloud Key Management System (KMS) integration in MongoDB Atlas
Learn about the role of Cloud KMS in enabling Encrypted Storage Engine in MongoDB Atlas.
Sarah Evans | Senior Curriculum Engineer
Sarah is a Senior Curriculum Engineer on the Curriculum team at MongoDB. Prior to MongoDB, she taught and developed curricula for developer bootcamps. Sarah has a MAT degree from Columbia University Teachers College and studied Software Engineering at Flatiron School in Chicago, IL.
Parker Faucher | University Curriculum Engineer
Parker is a Curriculum Engineer on the Education team at MongoDB. Prior to joining MongoDB, he helped maintain a world class developer bootcamp that was offered in multiple universities. He is a self taught developer who loves being able to give back to the community that has helped him so much.
Daniel Curran | Senior Software Engineer
Daniel is a Senior Software Engineer at MongoDB. Before joining MongoDB, he worked as an Instructional Designer and Content Developer specialising in technical content for a host of international clients. Daniel's goal is to remove obstacles so learners can feel confident on their journey to become masters of MongoDB.
Joel Lord | Lead Curriculum Engineer
Joel is a Lead Curriculum Engineer at MongoDB, focused on helping developers build better applications through accessible educational content. He started his career in software nearly 25 years ago and only paused briefly to pick up a B.Sc. in computational astrophysics from Université Laval. Since then, he’s worked across software development, developer advocacy, and technical education. Outside of work, he enjoys stargazing, homebrewing, and providing emotional support to his two cats, who frequently make guest appearances on Zoom.
John McCambridge | Curriculum Engineer
John is a Curriculum Engineer on the University team at MongoDB. Before his work as a Curriculum Engineer, he was an instructor and teaching assistant for coding boot camps at UT (Austin), and UCLA. Additionally, he worked as a QA engineer for a startup called Coder and spent five years at Apple Inc. John is a passionate software engineer and educator who enjoys taking complex topics and making them digestible for the community.
Davenson Lombard | Senior Software Engineer
Davenson Lombard is a Senior Software engineer at MongoDB on the Education Team. Prior to that, Davenson was a Technical Services Engineer at MongoDB and a Customer Success architect at Confluent. Davenson holds a Bachelor in Electrical Engineering from Concordia University in Montreal.
Emilio Scalise | Staff Technologist
Emilio is a multi-skilled IT specialist with a vast knowledge in system administration, databases, software development, network security, and cloud solutions. He is currently a Staff Technologist at MongoDB, producing internal and external learning materials. With over 8 years at MongoDB Support Organization, including five as a Staff Technical Support Engineer, he's developed considerable expertise in MongoDB's products and cloud services. In addition, Emilio is a certified MySQL DBA and experienced in technical translations between English and Italian.
Manuel Fontan Garcia | Senior Technologist
Manuel is a Senior Technologist on the Curriculum team at MongoDB. Previously he was a Senior Technical Services Engineer in the Core team at MongoDB. In between Manuel worked as a database reliability engineer at Slack for a little over 2 years and then for Cognite until he re-joined MongoDB. With over 15 years experience in software development and distributed systems, he is naturally curious and holds a Telecommunications Engineering MSc from Vigo University (Spain) and a Free and Open Source Software MSc from Rey Juan Carlos University (Spain).
In this skill badge, I'll show you how encryption at rest can help you protect your data.
Let's take a moment to set the stage for why we need encryption at rest. When we store our data, it's saved to a disk on a server. If our app leverages the cloud, the data is likely spread across multiple data centers across the world. But what if someone physically steals the server or if another tenant in the same data center gains unauthorized access to the data stored on the server's disk? Although data centers are typically secure environments, it is crucial to safeguard our data against potential threats like these. One of the most effective strategies to mitigate such risks is to implement encryption at rest.
Whether you're using Atlas or managing MongoDB on your own, we have you covered.
With MongoDB Atlas, encryption at rest is enabled by default, ensuring that your data is automatically protected without any extra configuration.
Additionally, the opportunity to bring your own keys or BYOK gives you enhanced control and governance over your data, adding an extra layer of security tailored to your needs. Meanwhile, for MongoDB Enterprise advanced deployments, encryption at rest focuses on providing configurable encryption options directly at the storage level, allowing you to customize how your data is protected based on your specific requirements. Throughout this skill badge, we'll learn more about how encryption at rest works in MongoDB and how we can implement it. To start off, we'll explore the key benefits of encryption at rest. We'll take a closer look at the different types of encryption at rest with a focus on the specific approach MongoDB uses.
Additionally, we'll examine how encryption at rest differs between MongoDB Atlas and enterprise advanced deployments. After that, we'll focus on MongoDB Atlas and investigate how we can set up encryption at rest to use a bring your own keys (BYOK) approach. Then we'll learn how to enable encryption at rest using a server that is compliant with the key management interoperability protocol or KMIP in a MongoDB enterprise advanced deployment.
In this skill, you'll learn concepts through detailed videos and hands on labs. Then you'll be ready to take a short skill check to demonstrate your knowledge.
After passing the test, you'll receive an official Credly badge to share on LinkedIn so you can show off your knowledge and skills. Let's get started.
