MongoDB Queryable Encryption now supports range queries on encrypted data
MongoDB Queryable Encryption allows customers to securely encrypt sensitive application data and store it in an encrypted format within the MongoDB database. It also enables direct equality and range queries on the encrypted data without the need for cryptographic expertise. Adding range query support expands data retrieval options, allowing for more powerful search capabilities.
You can configure Queryable Encryption using the following methods:
- Automatic encryption: Allows encrypted read and write operations to be performed seamlessly, without requiring explicit encryption and decryption commands for individual fields.
- Explicit encryption: Offers the ability to perform encrypted read and write operations through the encryption library of your MongoDB driver, where you must define the encryption logic throughout your application.
“We’ve heard from customers that they need state-of-the-art security to protect their sensitive data, but not all of them have the specialized expertise to implement it. With MongoDB Queryable Encryption, we’re delivering just that—Queryable Encryption makes it easier for organizations to protect their data without compromising performance or compliance. The addition of range query support to MongoDB Queryable Encryption provides even more flexibility and powerful search capabilities, while ensuring encrypted data remains safe through its entire lifecycle. Queryable Encryption enables developers to perform expressive queries on fully encrypted data, helping customers across industries effectively manage sensitive information while retaining business-critical querying capabilities,” Kenn White, Security Principal, MongoDB, told Help Net Security.
Organizations across all industries and sizes can leverage the benefits of Queryable Encryption, including:
- Data protection: Ensures data remains encrypted throughout its lifecycle, minimizing the risk of exposure or breaches of sensitive information.
- Regulatory compliance: Provides the tools needed to meet data protection requirements, such as GDPR, CCPA, and HIPAA, through encryption at every stage.
- Streamlined operations: Simplifies the encryption process, eliminating the need for custom solutions, specialized cryptography expertise, or third-party tools.
- Separation of duties: Enables stricter access controls by preventing MongoDB and even customers’ database administrators from accessing sensitive data.