Posts

Showing posts from May, 2015

Enterprise Sitecore xDB Security with MongoDB

Image
This will form the second part in a two-post set outlining some of what we learnt whilst implementing xDB and Mongo for a client with enterprise grade availability and security requirements which dictated that a The first post dealt with configuring Mongo and Sitecore to use a replica set for high availability. In this post I'll review some of the options for meeting security requirements around the Mongo implementation for xDB. Security For this project, we had some quite stringent privacy requirements covering some of the types of data that were being stored in the analytics system.  These boiled down to ensuring that only authorised accounts could access the system and view information.  In my opinion the authentication/authorisation approach we've taken should be considered for any xDB installation as a good practice, however the explicit encryption requirements that we had to meet are probably a step further than a lot of organisations will want to go.