Encryption types
MongoDB offers robust data encryption features to safeguard your data. Here's a summary of three encryption methods, that'll be explored in more detail later in this chapter:
- Encryption in-transit: Encryption in-transit protects data during transmission between MongoDB clients and servers. This is achieved using the Transport Layer Security/Secure Sockets Layer/ (TLS/SSL) protocol, which encrypts data before it's sent over the network.
- Client-Side Field Level Encryption: This method allows the encryption of individual data fields within a MongoDB document. It protects highly sensitive data at a granular level, where only specific parts of documents are encrypted while the rest remain accessible.
- Encryption at rest: This method of encryption protects data when it's stored on a disk. Data is automatically encrypted at the file level, ensuring that even if someone gains physical access to the disk, the data remains secure.