From 7d99db7b83a7ad8d185a301e3eb0e4e37a9293ba Mon Sep 17 00:00:00 2001
From: Michael Paik <michael.paik@10gen.com>
Date: Mon, 8 Sep 2014 18:05:50 -0400
Subject: [PATCH] DOCS-3475 - add links to security whitepaper and request form
 for STIG

---
 source/administration/security-checklist.txt | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/source/administration/security-checklist.txt b/source/administration/security-checklist.txt
index 626ceba7c81..f1f95852b24 100644
--- a/source/administration/security-checklist.txt
+++ b/source/administration/security-checklist.txt
@@ -104,3 +104,15 @@ these *disabled*, unless required for backwards compatibility.
 Keep input validation enabled. MongoDB enables input validation by default
 through the :setting:`~net.wireObjectCheck` setting. This ensures that all
 documents stored by the :program:`mongod` instance are valid :term:`BSON`.
+
+Consider Security Standards Compliance
+--------------------------------------
+For applications requiring HIPAA or PCI-DSS compliance, please refer to the
+`MongoDB Security Reference Architecture <http://info.mongodb.com/rs/mongodb/images/MongoDB_Security_Architecture_WP.pdf>`_ to learn more about the key security
+capabilities of MongoDB and how they can be used in building a compliant
+database.
+
+Contact MongoDB for Further Guidance
+------------------------------------
+MongoDB provides a Security Technical Implementation Guide (STIG) upon
+request. Please `contact MongoDB <http://www.mongodb.com/lp/contact/stig-requests>`_ for a copy.