Strong Security Defaults. Protect your workloads confidently

Atlas provides Role-Based Access Control (RBAC) to manage all cloud resources, including MongoDB deployments. In Atlas, a user can be granted one or more roles that determine the user's access privilege to an Atlas Organization and a Project. A user can also be granted fine-grained database roles for database operations. With identity federation, you can manage access to Atlas via your identity provider groups and Atlas roles using group-role mappings.

MongoDB database has an extensive RBAC for performing specific actions on database(s) and collection(s).

MongoDB offers granular auditing that monitors actions in your MongoDB environment and is designed to prevent and detect any unauthorized access to data, including create, read, update, and delete (CRUD) operations, encryption key management, authentication, and role-based access controls, replication, and sharding cluster operations.

MongoDB data encryption offers robust features to protect your data while in-transit (network), at-rest (storage), and in-use (memory, logs). Customers can use automatic encryption of key data fields like PII, PHI, or any data deemed sensitive — ensuring data is encrypted throughout its lifecycle.

Atlas offers many options to securely access your data with dedicated clusters deployed in a unique Virtual Private Cloud (VPC) to isolate your data and prevent inbound network access from the internet.

Allow just a one-way connection from your AWS, Azure, or Google Cloud VPC/VNet to Atlas Clusters via Private Endpoints. You can enable peering between your MongoDB Atlas VPC or VNet to your own dedicated application tier virtual private network with the cloud provider of your choice or enable only specific network segments to connect to your Atlas clusters via IP Access list.