MarkLogic has moved to progress.com - this site will be redirected soon.
DATA SECURITY AND GOVERNANCE

Protect Your Data and Enable Safe Sharing

Ensure the highest levels of protection for your data, rapidly implement data policies, and apply end-to-end governance.

See How
Woman intently looking at computer.

Transformational Data Security

MarkLogic offers advanced enterprise data security controls that are beyond what any other multi-model database or platform offers. That’s why large investment banks, major healthcare organizations, and classified government systems all trust MarkLogic with their most critical data assets.

Secure by Default

Security is not a feature that needs to be turned on and configured. When data is loaded, it is immediately secured.

MarkLogic has scalable controls for authentication, ensuring that the system easily integrates into your environment.

MarkLogic has granular access controls to govern what a user can do and see. Each user is associated with any number of roles, and each role is given privileges that determine what they can do. Also, each document has permissions dictating which roles can see and edit it. Security checks verify the necessary credentials before granting the requested action, and security information is stored in a specific security database in MarkLogic.

MarkLogic secures data at the collection level, document level, and even element/property level (like cell-level security in a relational database). This goes beyond what other document databases provide as it’s very hard to engineer on the back-end and maintain performance, but MarkLogic does it.

MarkLogic closely monitors database activity and makes it possible to audit document access and updates, configuration changes, administrative actions, code execution, and changes to access control.

Cutting-edge data encryption protects against unauthorized access of the database by a SysAdmin or Storage Admin. It allows data, configuration, and logs to be encrypted while the files are resting on disk using AES-256 encryption, and it conforms to FIPS 140 criteria.

In addition to RBAC, MarkLogic can also employ other security models such as Attribute-Based Access Control (ABAC), Policy-Based Access Control (PBAC), or Label-Based Access Control (LBAC). These models further restrict access based on attributes (e.g., social security number, IP address, user’s age, or time of day), policies, or simple labels representing “high” or “low” levels of trust.

For organizations who require additional security measures, the MarkLogic Advanced Security add-on includes three additional capabilities:

  • Redaction: Eliminate the exposure of sensitive information by making it possible to remove existing information or replace it with other values when exporting or sharing data. The process is simple, flexible, and designed to work with large volumes of data.
  • External Key Management System (KMS) Support: Use an external KMS (e.g., SafeNet or Vormetric) to help with advanced encryption, which is often done for the additional separation of concerns and ease of management.
  • Compartment Security: Apply more complex rules to documents so that a user must have all the right roles to access or create a document rather than just one. Compartment security is often useful when handling classified material.
Data Governance

For the Full Data Supply Chain

Along with the digitalization of virtually everything, the importance of data governance is on the rise. Now, you need context around the data that drives decision making. You get that context with metadata, which supplies both traceability and meaning.

The MarkLogic data platform tightly couples data and metadata and includes bitemporal and smart mastering features that help ensure data trust and accountability. Apply data management policies and track provenance and lineage with ease.

Classification Tools

Consistently and accurately assess and tag information and provide a transparent and complete audit trail of the compliance checking process.

Document Fingerprinting

Intelligently identify and secure assets that might contain sensitive information or trade secrets.

Bitemporality

Keep track of when an event occurred (the valid time), as well as when the information was added (the system time), so you can fully recreate any truth—no matter how long gone—as it was, in any given moment.

Smart Mastering

Match and merge data from different sources without the need for a separate master data management (MDM) solution. Leverage our patented search indexes to make it easier than ever to query across all data sources that were previously siloed.

Visionary Organizations Choose MarkLogic

US Dept of Defense Customer logo
Johnson & Johnson Logo
Citi customer logo
NBC Logo
Warner Bros Customer logo
DOW customer logo
VIEW FEATURED CUSTOMERS

Built for the Most Demanding Environments

Enforce security uniformly at all layers of the stack to manage data lineage, auditing, quality rules, quality monitoring, security, retention, and archiving.

Visit our Trust page

Related Resources

Videos

Data Security and MarkLogic: Securing ALL the Things

MarkLogic World 2019: An overview of the core security features and the business value each feature provides.
Info Sheets

Certified Security

MarkLogic has focused on having enterprise-grade security from the start, and has fine-grained, certified security that is required to manage data and provide a shield against today’s cyber threats.
eBooks

Understanding Data Governance

Download this report from O'Reilly Media, compliments of MarkLogic, and discover practices and frameworks for regulatory compliance and security.