| From: | Ron Johnson <ronljohnsonjr(at)gmail(dot)com> |
|---|---|
| To: | pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Encryption Options |
| Date: | 2024-02-16 19:09:55 |
| Message-ID: | CANzqJaC0bDxheuJ-bSWpLC0M2gLnEDVR5afUYvMuE+ashcvikA@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Fri, Feb 16, 2024 at 1:53 AM sud <suds1434(at)gmail(dot)com> wrote:
> Hello Friends,
>
> We are newly moving to postgres database (yet to decide if it would be an
> on premise one or AWS aurora postgres). However , we want to understand
> what encryption / decryption techniques are available in the postgres
> database.
>
> We may have some sensitive/"personal information" (like customer name,
> account number etc )stored in the database
>
The problem with encrypting "account number" is that you can't JOIN or
WHERE on it. That's not always necessary, though. The pgcrypto module does
what it says, but requires application-level changes,
Encryption at rest can be accomplished with filesystem-level encryption,
and backup encryption. (PgBackRest has that feature, using AES-256. Don't
know about BarMan.)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | sud | 2024-02-16 21:04:20 | Re: Encryption Options |
| Previous Message | Ron Johnson | 2024-02-16 19:03:40 | Re: Encryption Options |