Key Connection for MongoDB

Encryption Key Management for MongoDB

Key Connection for MongoDB

Alliance Key Manager for MongoDB offers unparalleled security, flexibility and affordability for all users of MongoDB Enterprise database. With no client-side software to install, you can deploy Alliance Key Manager anywhere you want - your IT data center, VMware deployment, and in the cloud. 

MongoDB Enterprise Certified Technology PartnerMongoDB Enterprise Encryption and Key Management
MongoDB Enterprise eliminates the overhead of file and folder-based encryption solutions by providing encryption support directly in the database engine. For encryption key management MongoDB recommends the use of an external encryption key management solution like Alliance Key Manager for MongoDB. 

Simplified Deployment

MongoDB customers can deploy Alliance Key Manager and install the PKI certificates on the database server to easily begin retrieving encryption keys. Using native command line operations, users can generate a master encryption key and encrypt database keys with Alliance Key Manager for MongoDB.

Never Lose Access to Encrypted Data
Alliance Key Manager mirrors keys between multiple load-balanced key management appliances over a secure and mutually authenticated TLS connection for hot backup and disaster recovery support.   

Complete Audit Trail
Built in logging allows administrators to track all key retrieval, key management, and system activity. Reports can be sent automatically to central log management, alerting facilities, or SIEM products for a timely and permanent record of activity. 

Meet Compliance Requirements
By easily deploying encryption and key management, MongoDB customers can meet a wide variety of compliance regulations including PCI DSS, HIPAA, FISMA, EU General Data Protection Regulation, and many others.

Cost Effective
In addition to providing keys for MongoDB, Alliance Key Manager can also provide support for any number of databases (SQL Server, MySQL, etc.) without additional license fees. This provides businesses with a predictable total cost of ownership.

The Platform You Are On
MongoDB customers can deploy Alliance Key Manager as a hardware security module (HSM), VMware virtual machine, or in the cloud as a native Amazon Web Services (AWS) EC2 instance or Microsoft Azure virtual machine. Alliance Key Manager supports seamless migration and hybrid implementations. 

Supports IBM Power Linux and Intel Architectures
The MongoDB encryption support is built directly into the MongoDB database which means that customers do not need to deploy third party encryption solutions to protect data. Encryption key management is implemented through a native MongoDB interface that uses the Key Management Interoperability Protocol (KMIP) for key management. With a few commands MongoDB customers on both Power and Intel architectures can deploy proper key management using Alliance Key Manager. Since there are not license fees for the client-side implementation MongoDB customers can deploy one key server implementation to serve multiple databases without escalating costs for compliance.


Encryption Key Management Has Never Been Easier

With a few easy steps, businesses can begin protecting their data in MongoDB Enterprise with encryption key management. The video below shows how easy it is to get started.


Connecting Alliance Key Manager to MongoDB


Certifications and Validations

NIST AES compliance (ECB and CBC modes of encryption)

NIST SHA validation

NIST RNG validation (x9.31)

NIST HMAC validation

NIST FIPS 140-2, level 1



TLS authenticated secure communications

GUI console for key management

Secure web application for server management

Network Management



Automatic log rotation

Secure encrypted and integrity checked backups

Case Studies

The Seed Company Case Study

Securing data in MongoDB Enterprise with Alliance Key Manager.


The Definitive Guide to MongoDB Encryption Key Management

This definitive guide covers the critical issues involved in getting encryption right with MongoDB Enterprise.

Solution Briefs

Alliance Key Manager for MongoDB Joint Solution Brief

MongoDB Enterprise simplifies data protection by providing native FIPS compliant encryption of data at rest. Coupled with Townsend Security’s flagship encryption key management solution, Alliance Key Manager, meeting compliance (PCI DSS, HIPAA, etc.) and security standards is even easier and more affordable for large as well as small organizations.


Securing Data in MongoDB

While MongoDB provides a mechanism to encrypt data, it is still up to the users to manage encryption keys.


Alliance Key Manager

Alliance Key Manager works with all major business platforms, cloud platforms, and leading encryption applications.