1 00:00:02,180 --> 00:00:07,840 We already covered a lot of important things that you will need to work efficiently with mongodb. 2 00:00:08,280 --> 00:00:12,360 Now this mongodb course is built for developers, 3 00:00:12,410 --> 00:00:18,920 therefore the things we're going to cover in this section are only partly important to you but well 4 00:00:18,980 --> 00:00:24,210 they are at least partly important to you and security always matters. 5 00:00:24,230 --> 00:00:30,950 So in this module, we'll take a look at something which is mainly the job of your database administrator 6 00:00:31,010 --> 00:00:33,250 and not of you, the developer 7 00:00:33,380 --> 00:00:38,930 but since you will play one important role in the overall picture of security and user authentication, 8 00:00:39,290 --> 00:00:45,920 I find it important to guide you through the most important parts that are related to securing a mongodb 9 00:00:45,920 --> 00:00:47,990 database. 10 00:00:47,990 --> 00:00:54,200 There is kind of a security checklist which you also find in the official docs when it comes to hardening 11 00:00:54,230 --> 00:01:00,830 your mongodb environment and making sure that it's safe and can't be intruded from outside. 12 00:01:00,830 --> 00:01:05,170 One of the most important things is authentication and authorization 13 00:01:05,240 --> 00:01:10,160 and this is already one of the things where you as a developer come into play, where you will have to worry 14 00:01:10,160 --> 00:01:10,600 about 15 00:01:10,640 --> 00:01:16,880 and I will show you how you do authorize and so on throughout this module and also later in the from shell to 16 00:01:16,880 --> 00:01:18,490 driver module. 17 00:01:18,800 --> 00:01:25,520 So authentication and authorization will be one important part and this part here or this topic mainly means 18 00:01:25,850 --> 00:01:27,320 that the database, 19 00:01:27,390 --> 00:01:32,870 so I'm not talking about the application you're building but the database you're using to store data 20 00:01:33,220 --> 00:01:37,120 will know users and you will have to authenticate, 21 00:01:37,130 --> 00:01:39,050 so you means you as a developer, 22 00:01:39,050 --> 00:01:46,610 so your code will have to authenticate with that database in order to insert data, get data or do all 23 00:01:46,610 --> 00:01:47,750 kinds of stuff. 24 00:01:48,020 --> 00:01:53,650 So authentication and authorization is one super important building block when it comes to securing your 25 00:01:53,660 --> 00:01:59,540 mongodb environment. Another important building block is transport encryption, 26 00:01:59,790 --> 00:02:06,000 this means that data that is sent from your app to the server should be encrypted so that no one can 27 00:02:06,000 --> 00:02:09,710 sit in the middle and spoof your connection and read that data. 28 00:02:10,080 --> 00:02:15,990 Additionally encryption at rest is an important topic and that means that the data in the database 29 00:02:16,320 --> 00:02:23,910 also should be encrypted otherwise if someone somehow gets access to your database servers, well they 30 00:02:23,910 --> 00:02:27,970 can read plain text information and that will make getting the data out of there 31 00:02:27,990 --> 00:02:34,650 easier. If you do encrypt your data in the database, you are still protected a bit even if people get access 32 00:02:34,650 --> 00:02:40,290 to your database server because then they might have access but the data is unreadable. 33 00:02:40,320 --> 00:02:42,650 These are three very important building blocks, 34 00:02:42,840 --> 00:02:48,880 additional important building blocks are auditing. We'll not dive into this in this module or in this 35 00:02:48,880 --> 00:02:55,470 course because this is a pure server admin task but of course mongodb does provide features to audit 36 00:02:55,470 --> 00:02:56,220 your service, 37 00:02:56,220 --> 00:03:01,880 so to see who did what, which actions occurred and you can do a lot of stuff there to make sure that 38 00:03:01,890 --> 00:03:08,220 you always control what's happening and you always are aware of what's happening in your database. 39 00:03:08,220 --> 00:03:13,500 Additionally the server on which you run your database server and now I'm talking about the physical 40 00:03:13,500 --> 00:03:19,590 machine which is running somewhere or if you're using a cloud provider like AWS, I'm talking about the 41 00:03:19,590 --> 00:03:25,060 instances you booked there, the network you are using to host your mongodb environment 42 00:03:25,140 --> 00:03:26,900 of course also should be secured 43 00:03:26,970 --> 00:03:32,250 and now that is also far beyond the scope of this course and far beyond what you as a developer have to 44 00:03:32,250 --> 00:03:32,680 do 45 00:03:32,820 --> 00:03:36,710 but if you are administrating and setting up the entire mongodb environment, 46 00:03:36,780 --> 00:03:39,370 this is also something you will have to take care about. 47 00:03:39,720 --> 00:03:43,580 And last but not least, backups and software updates also matter. 48 00:03:43,710 --> 00:03:49,650 You and now again I don't mean you as a developer but you as the owner of a mongodb environment, you should 49 00:03:49,650 --> 00:03:51,610 regularly backup your data 50 00:03:51,690 --> 00:03:57,600 and of course you should make sure that all the software you're running is up to date to fix any security 51 00:03:57,600 --> 00:03:59,460 holes that might be in there. 52 00:03:59,460 --> 00:04:04,740 So these are important things, in this module we'll have a look at these three blocks because these three 53 00:04:04,740 --> 00:04:10,460 blocks kind of affect your work as a developer and you will see how they affect your work in this module 54 00:04:10,590 --> 00:04:11,490 and later 55 00:04:11,520 --> 00:04:17,430 as I mentioned in the from shell to driver module. So let's dive in and let's start with authentication 56 00:04:17,520 --> 00:04:21,260 and authorization and learn what exactly that is and how you use it.