Key Connection for MongoDB

Encryption Key Management for MongoDB

hbspt.forms.create({ sfdcCampaignId: '70140000000yBX3AAM', portalId: '15891', formId: 'd1df2c1b-713d-46f3-93c1-bcf6021ec633' });


Alliance Key Manager for MongoDB offers unparalleled security, flexibility and affordability for all users of MongoDB Enterprise database. With no client-side software to install, you can deploy Alliance Key Manager anywhere you want - your IT data center, VMware deployment, and in the cloud.

    MongoDB Enterprise Encryption and Key Management
    MongoDB Enterprise eliminates the overhead of file and folder-based encryption solutions by providing encryption support directly in the database engine. For encryption key management MongoDB recommends the use of an external encryption key management solution like Alliance Key Manager for MongoDB. 
    Simplified Deployment
    MongoDB customers can deploy Alliance Key Manager and install the PKI certificates on the database server to easily begin retrieving encryption keys. Using native command line operations, users can generate a master encryption key and encrypt database keys with Alliance Key Manager for MongoDB.
    Never Lose Access to Encrypted Data
    Alliance Key Manager mirrors keys between multiple load-balanced key management appliances over a secure and mutually authenticated TLS connection for hot backup and disaster recovery support.   
    Complete Audit Trail
    Built in logging allows administrators to track all key retrieval, key management, and system activity. Reports can be sent automatically to central log management, alerting facilities, or SIEM products for a timely and permanent record of activity. 
    Meet Compliance Requirements
    By easily deploying encryption and key management, MongoDB customers can meet a wide variety of compliance regulations including PCI DSS, HIPAA, FISMA, EU General Data Protection Regulation, and many others.
    Cost Effective
    In addition to providing keys for MongoDB, Alliance Key Manager can also provide support for for many number of databases (SQL Server, MySQL, etc.) without additional license fees. This provides businesses with a predictable total cost of ownership.
    The Platform You Are On
    MongoDB customers can deploy Alliance Key Manager as a hardware security module (HSM), VMware virtual machine, or in the cloud as a native Amazon Web Services (AWS) EC2 instance or Microsoft Azure virtual machine. Alliance Key Manager supports seamless migration and hybrid implementations.

    Deployment & Training Services Are Included
    Complexity is usually the largest concern in integrating encryption key management.  Townsend Security has simplified the process. When businesses choose Alliance Key Manager, they not only receive industry leading encryption key management, but free deployment and security hardening services. Townsend Security’s services team will: 

    • Install and initialize Alliance Key Manager (AKM) virtual image
    • TLS certificate management, download and expiration date tracking
    • Redundancy implementation of mirroring
    • Backup configuration support
    • Security log forwarding via Syslog
    • MFA activation
    • Installation and configuration of Admin Console for key lifecycle management
    • Key retrieval configuration including vSphere, SQL TDE, MongoDB TDE, etc... 
    Certifications and Validations

    NIST AES compliance (ECB and CBC modes of encryption)

    NIST SHA validation

    NIST RNG validation (x9.31)

    NIST HMAC validation

    NIST FIPS 140-2, level 1




    Encryption Services

    128-bit AES encryption and decryption, ECB mode

    192-bit AES encryption and decryption, ECB mode

    256-bit AES encryption and decryption, ECB mode

    128-bit AES encryption and decryption, CBC mode

    192-bit AES encryption and decryption, CBC mode

    256-bit AES encryption and decryption, CBC mode

    Case Studies

    The Seed Company Case Study

    Securing data in MongoDB Enterprise with Alliance Key Manager.


    The Definitive Guide to MongoDB Encryption Key Management

    This definitive guide covers the critical issues involved in getting encryption right with MongoDB Enterprise.

    Solution Briefs

    Alliance Key Manager

    Alliance Key Manager (AKM) is a solution that provides Enterprise customers, OEMs, and ISVs with a secure method of managing encryption keys for their data security applications.

    Alliance Key Manager for VMware

    Using the same FIPS 140-2 compliant technology that is in Townsend Security’s (HSM), Alliance Key Manager for VMware enables enterprises to meet compliance requirements and accelerate deployment of mission critical security technology.

    Alliance Key Manager Platforms

    Alliance Key Manager is an encryption key manager that is available as a hardware security module (HSM), cloud HSM, VMware, or in the cloud (Microsoft Azure, Amazon Web Services, vCloud, etc.)

    Alliance Key Manager Platforms and Languages

    Alliance Key Manager (AKM) provides the strong protection for encryption keys that is central to a secure encryption strategy.


    Securing Data in MongoDB

    While MongoDB provides a mechanism to encrypt data, it is still up to the users to manage encryption keys.


    Alliance Key Manager

    Alliance Key Manager works with all major business platforms, cloud platforms, and leading encryption applications.

    White Papers

    Introduction to Encrypting Data in MongoDB

    Learn how MongoDB users can achieve strong data security, along with options to secure and manage encryption keys to meet industry compliance requirements and meet data security best practices. 

    What Data Needs Encrypted in MongoDB?

    Generally speaking, you should encrypt any information that alone, or when combined with other information, can identify a unique, individual person. This is called Personally Identifying Information, or PII.