Marklogic hero hex top

End-to-End Data Security and Governance

Ensure the highest levels of protection for your data, rapidly implement data policies, and apply end-to-end governance.

Contact Us

For the Full Data Supply Chain

Along with the digitalization of virtually everything, the importance of data governance is on the rise. Now, you need context around the data that drives decision making. You get that context with metadata, which supplies both traceability and meaning.

The MarkLogic data platform tightly couples data and metadata and includes bitemporal and smart mastering features that help ensure data trust and accountability. Apply data management policies and track provenance and lineage with ease.

Classification Tools

Consistently and accurately assess and tag information and provide a transparent and complete audit trail of the compliance checking process.

Document Fingerprinting

Intelligently identify and secure assets that might contain sensitive information or trade secrets.

Bitemporality

Keep track of when an event occurred (the valid time), as well as when the information was added (the system time), so you can fully recreate any truth—no matter how long gone—as it was, in any given moment.

Smart Mastering

Match and merge data from different sources without the need for a separate master data management (MDM) solution. Leverage our patented search indexes to make it easier than ever to query across all data sources that were previously siloed.

Transformational Data Security

MarkLogic offers advanced enterprise data security controls that are beyond what any other multi-model database or platform offers. That’s why large investment banks, major healthcare organizations, and classified government systems all trust MarkLogic with their most critical data assets.

Secure by Default Integration with LDAP, Kerberos, SAML Role Based Access Control (RBAC) Element/Property Level Security Built-in Auditing Advanced Encryption Additional Security Models Advanced Security Add-on

Secure by Default

Security is not a feature that needs to be turned on and configured. When data is loaded, it is immediately secured.

Integration with LDAP, Kerberos, SAML

MarkLogic has scalable controls for authentication, ensuring that the system easily integrates into your environment.

Role Based Access Control (RBAC)

MarkLogic has granular access controls to govern what a user can do and see. Each user is associated with any number of roles, and each role is given privileges that determine what they can do. Also, each document has permissions dictating which roles can see and edit it. Security checks verify the necessary credentials before granting the requested action, and security information is stored in a specific security database in MarkLogic.

Element/Property Level Security

MarkLogic secures data at the collection level, document level, and even element/property level (like cell-level security in a relational database). This goes beyond what other document databases provide as it’s very hard to engineer on the back-end and maintain performance, but MarkLogic does it.

Built-in Auditing

MarkLogic closely monitors database activity and makes it possible to audit document access and updates, configuration changes, administrative actions, code execution, and changes to access control.

Advanced Encryption

Cutting-edge data encryption protects against unauthorized access of the database by a SysAdmin or Storage Admin. It allows data, configuration, and logs to be encrypted while the files are resting on disk using AES-256 encryption, and it conforms to FIPS 140 criteria.

Additional Security Models

In addition to RBAC, MarkLogic can also employ other security models such as Attribute-Based Access Control (ABAC), Policy-Based Access Control (PBAC), or Label-Based Access Control (LBAC). These models further restrict access based on attributes (e.g., social security number, IP address, user’s age, or time of day), policies, or simple labels representing “high” or “low” levels of trust.

Advanced Security Add-on

For organizations who require additional security measures, the MarkLogic Advanced Security add-on includes three additional capabilities:

  • Redaction: Eliminate the exposure of sensitive information by making it possible to remove existing information or replace it with other values when exporting or sharing data. The process is simple, flexible, and designed to work with large volumes of data.
  • External Key Management System (KMS) Support: Use an external KMS (e.g., SafeNet or Vormetric) to help with advanced encryption, which is often done for the additional separation of concerns and ease of management.
  • Compartment Security: Apply more complex rules to documents so that a user must have all the right roles to access or create a document rather than just one. Compartment security is often useful when handling classified material.

Learning & Resources

YouTube Video Thumbnail Video
 
Data Security and Data Sharing with MarkLogic
YouTube Video Thumbnail Video
 
Data Security and MarkLogic: Securing ALL the Things
default datasheet thumbnail Data Sheet
 
Certified Security
default ebook thumbnail E-Book
 
Understanding Data Governance
MarkLogic Prefooter Banner

Improve Data Integration

Eliminate the effect of data and knowledge silos in your organization with a single platform that connects all of your multi-structured data.

Contact Us