MongoDB's Field-Level Encryption Protects Private Data—Even From DBAs[:
In December 2019, popular document database MongoDB added a fairly radical new feature to the platform: field-level database encryption. At first glance, one might wonder whether this is a meaningful feature in a world that already has at-rest storage encryption and in-flight transport encryption—but after a little closer analysis, the answer is a resounding yes.
One of MongoDB's first customers to use the new technology is Apervita, a vendor that handles confidential data for well over 2,000 hospitals and nearly 2 million individual patients. Apervita worked side by side with MongoDB during development and refinement of the technology.
Since reaching general availability in December, the technology has also been adopted by several government agencies and Fortune 50 companies, including some of the largest pharmacies and insurance providers.
This is a good thing. Field Level Encryption (FLE) is a must for any DB these days.
(Score: 0) by Anonymous Coward on Friday April 03 2020, @03:04PM (2 children)
So basically this has nothing to do with the database really and is just a key management scheme bundled with the DBMS ?
What else does it offer? Encryption sw has been available, standardized, and used since forever.
(Score: 0) by Anonymous Coward on Friday April 03 2020, @03:26PM
1. sales point
2. profit
no need for ??? Just need as a sales point.
(Score: 0) by Anonymous Coward on Friday April 03 2020, @05:50PM
Yes, it looks like it really does nothing that couldn't already be done either explicitly in the application code or with a third-party library/tool hiding some of the details; the "advance" of this is that it is built in and easily provides fine-grained encryption transparently in the client driver without special handling in the application code.