|EnterpriseDB Adds Transparent Data Encryption|
|Written by Kay Ewbank|
|Monday, 27 February 2023|
EnterpriseDB is adding Transparent Data Encryption (TDE) to its implementation of Postgres to harden data security and mitigate risks for large enterprises.
EnterpriseDB's Postgres Pro Enterprise is a commercial fork of the open source PostgresSQL, with improvements and extensions aimed at large-scale, high-performance uses. PostgreSQL is an open source database system that was originally created at the University of California, Berkeley. It is now maintained and developed by the PostgreSQL Global Development Group, a coalition of many companies and individual contributors.
TDE is being added to EDB Standard and Enterprise plans, in a move the company says is the first to deliver TDE for Postgres and Oracle compatibility. PostgresSQL already had some methods to encrypt stored data, including pgcrypto and file system level encryption using LUKS, but these techniques have various drawbacks including slower performance.
The new TDE includes block level encryption to prevent unauthorized data access. Postgres data in tables and other objects as well as system catalog data such as the names of objects, the write-ahead logging (WAL), and temporary files are encrypted on disk and are not readable by system users.
Data encryption and decryption is managed by the database and does not require application changes or updated client drivers.
EDB Postgres Advanced Server and EDB Postgres Extended Server provide hooks to key management that's external to the database. These hooks allow for simple passphrase encrypt/decrypt or integration with enterprise key management solutions. At the moment the key management has support for Amazon AWS Key Management Service, Google Cloud Key Management Service, Microsoft Azure Key Vault, and Thales CipherTrust Manager.
Other improvements to the EDB Enterprise Plan include better Oracle compatibility, and the latest PostgreSQL 15 release including the newly added MERGE SQL command and advanced replication capabilities.
or email your comment to: email@example.com
|Last Updated ( Monday, 27 February 2023 )|