2 min Security

MongoDB Queryable Encryption protects sensitive data, even when it’s in use

MongoDB Queryable Encryption protects sensitive data, even when it’s in use

MongoDB recently made its Queryable Encryption technology generally available in Mongo DB 7.0. This feature allows sensitive data to be encrypted during queries and during use in the cloud-based database environment, providing additional protection.

According to MongoDB, the Queryable Encryption technology ensures that sensitive data workloads are encrypted throughout the lifecycle – even while processing queries in the database provided by MongoDB and the resulting outcomes.

By applying MongoDB Queryable Encryption, it is only possible to access the data with a decryption key. This key is only in the possession of the client. This should prevent unwanted exposure of encrypted data to the outside world.

Easy to implement

Benefits include that during searches on the encrypted data, an advanced search algorithm ensures that the server processes and retrieves appropriate documents without “understanding” anything about the content of the data or why the document should be returned.

In addition, Queryable Encryption’s encryption technology is based on standardized encryption, such as that of NIST. Queryable Encryption also provides a faster application development cycle. Developers do not need specific knowledge of cryptography and can easily integrate the technology into their applications. In fact, developers can encrypt their sensitive data quickly and easily without code intervention.

Furthermore, the technology, which secures data from the cloud, offers more options for mitigating operational risks. A final benefit is that with MongoDB Queryable Encryption is that companies are more compliant with the most stringent data privacy requirements, including HIPAA, GDPR, CCPA, and PCI.

Version 7.0

The technology is now available in the latest version of the MongoDB platform, version 7.0. A preview was already available in MongoDB 6.0. The technology will be further optimized and extended in the near future.

Also read: MongoDB databases are still being held hostage two years after first attacks