Percona Unveils Transparent Data Encryption for PostgreSQL
At KubeCon+CloudNativeCon North America, Percona, a leading provider of premium database services, showcased its innovative Transparent Data Encryption (TDE) solution for PostgreSQL. This technology enables organizations to encrypt sensitive data stored within their PostgreSQL databases, addressing a critical market need for open-source TDE.
Filling the Gap in the Market
Blair Rampling, in an interview at the KubeCon booth, highlighted a significant market gap: financial institutions and users required at-rest data encryption for PostgreSQL but were hesitant about vendor lock-in. They sought an open-source solution, and Percona’s pg_tde extension delivers just that.
Transparent Encryption for Enhanced Security
The TDE extension, pg_tde, offers a transparent encryption process. Data is entered and queried as usual, but unauthorized users will encounter encrypted data. The decryption engine ensures that only authorized users can access the sensitive information. This approach supports popular key management services, ensuring minimal overhead and seamless encryption.
Percona’s Comprehensive PostgreSQL Solution
Percona’s TDE extension is seamlessly integrated into their PostgreSQL distribution and is fully supported by their managed and consulting services. Users can leverage this technology without incurring additional licensing costs, making it an accessible and cost-effective solution.
Compliance and Data Security
This encryption technology is particularly beneficial for compliance with regulations like GDPR, HIPAA, SOX, and PCI DSS v4.0. It complements Postgres’s storage-layer encryption, ensuring comprehensive data security.
Key Advantages of Percona’s TDE
- Open Source and Production-Ready: Percona’s TDE is the only open-source solution for PostgreSQL, ready for production use without any gated features or subscriptions.
- Robust Data Protection: Encrypting all database files on disk safeguards sensitive information, even if storage is compromised.
- Flexible Encryption Control: Multi-tenant support and table-level encryption allow users to customize their encryption strategy, protecting specific data without cluster-wide encryption.
- Seamless Integration: TDE can be deployed without altering application code, ensuring business operations remain uninterrupted during modernization and security enhancements.
- Centralized Key Management: Integrations with leading Key Management Services (KMS) providers streamline key management, enabling secure enforcement of security policies.
- Effortless Online Encryption and Key Management: Online encryption and key rotation ensure continuous data protection with minimal operational overhead.
- Reliable Support and Services: Percona offers 24/7 support and services for PostgreSQL deployment and ongoing management, enhancing overall security.
Percona’s expertise extends beyond PostgreSQL, as they also support MySQL and MongoDB, and they are committed to the emerging Valkey, a Redis data cache fork, with enterprise-grade support.
Stay Informed with The New Stack
For the latest tech insights and updates, visit The New Stack’s YouTube channel and subscribe to their podcast series. Stay ahead of the curve in the ever-evolving tech landscape.