The latest version of MongoDB, MongoDB 4.0, introduces two significant security enhancements: SHA-256 support and improved TLS protocol versions. The new SHA-256 implementation provides an additional layer of security against password cracking and data tampering, replacing the deprecated SHA-1 algorithm in the SCRAM authentication mechanism. This ensures that users can meet applicable security requirements and compliance objectives by supporting SHA-256 for all hash function applications. Additionally, MongoDB 4.0 disables TLS versions below 1.1 across all products on all platforms, including disabling TLS 1.0 and marking any use of deprecated protocol versions as unsafe. This addresses the known vulnerabilities in older TLS versions, such as Padding Oracle On Downgraded Legacy Encryption (POODLE) and SSLv2, which can be exploited by attackers to gain unauthorized access to data. By upgrading to MongoDB 4.0, users can improve the overall security of their applications and take advantage of the latest security features and best practices.