The default should be to lockdown as much as possible and only expose if the user requests it.
We encourage all users to follow the guidelines we prescribe for security.
Security best practices are summarised here [link below], or customers can contact MongoDB support.
This is an important opportunity for everyone to ensure they are following security best practices.
https://www.mongodb.com/blog/post/july-mongodb-security-best-practices
Read More
source: www.techworm.net
