Role-based access controls (RBAC) ensure only a group of privileged MongoDB reliability engineers can access systems via a gated process that uses a bastion host, requires MFA to log into MongoDB systems and establish a Secure Shell connection (SSH).
MongoDB maintains a strong policy to establish effective administrative, technical, and physical safeguards for customer data, and to identify, detect, protect against, respond to, and recover from security incidents.