Thursday, August 22, 2013
03:00 PM - 03:45 PM
|Level: ||Technical - Introductory|
MongoDB is being rapidly adopted by enterprises in which data privacy, security, and adherence to compliance standards are of paramount concern, including financial, telcos, and healthcare. Many such organizations are legally required to comply with standards such as PCI/DSS (payment card information), Sarbanes-Oxley, HIPAA, and a variety of data privacy and financial recording regulations in place around the world. Organizations that comply with these standards are less likely to suffer from data breaches that can generate hefty fines and damage to brand loyalty.
This session describes best practices for securing and protecting MongoDB data, considering both data in motion and at rest. These best practices rely on a combination of infrastructure capabilities such as appropriate firewalls, native capability in MongoDB such as Kerberos authentication and new more granular roles, and technology partnerships, including IBM for its implementation of a data activity monitoring solution for MongoDB.
- Setting up the infrastructure
- Using MongoDB security and authentication
- Options for encrypting data at rest
- Data activity monitoring for data in motion, including a case study
Kathryn Zeidenstein is a technology evangelist for IBM InfoSphere Guardium data protection solutions, based out of the Silicon Valley Lab. She is responsible for producing content to build skills and raise awareness for Guardium technologies. She has published several articles and has presented at conferences such as NoSQL Now! She has also done webcasts with organizations such as the Information Systems Security Association and partners such as MongoDB.
Matt Kalan is a Sr. Solutions Architect at 10gen, The MongoDB Company, based in New York, with extensive experience helping more than 200 customers in financial services and other industries solve business problems with technology. Before 10gen, Matt grew Progress Software's Apama Algorithmic Trading and Complex Event Processing (CEP) Platform business in North America and later sold broader operational intelligence solutions to FS firms. He previously worked for Caplin Systems selling solutions to stream real-time market data over the web to FX and FI portals, and for Sapient providing consulting services to global 2000 clients.