At its developer conference held earlier this week in New York, the MongoDB team announced the latest version of its database management software that includes a variety of advanced features, including Field Level Encryption, Distributed Transactions, and Wildcard Indexes.
The newly introduced Field Level Encryption (FLE), which will be available in the upcoming MongoDB 4.2 release, is an end-to-end encryption feature that encrypts and decrypts sensitive users’ data on the client-side, preventing hackers from accessing plaintext data even if the database instance left exposed online or the server itself gets compromised.
Almost every website, app, and service on the Internet today usually encrypt (particularly “hashing”) only users’ passwords before storing them into the databases, but unfortunately left other sensitive information unencrypted, including users’ online activity data and their personal information.
Moreover, even if there is an encryption mechanism to store data securely on the server, the private keys to unlock it and decryption operation also remain available on the server, which if get compromised, can be used by hackers to decrypt the data.
images from Hacker News