From: | Ron Johnson <ronljohnsonjr(at)gmail(dot)com> |
---|---|
To: | pgsql-general <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Encryption Options |
Date: | 2024-02-16 19:09:55 |
Message-ID: | CANzqJaC0bDxheuJ-bSWpLC0M2gLnEDVR5afUYvMuE+ashcvikA@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Fri, Feb 16, 2024 at 1:53 AM sud <suds1434(at)gmail(dot)com> wrote:
> Hello Friends,
>
> We are newly moving to postgres database (yet to decide if it would be an
> on premise one or AWS aurora postgres). However , we want to understand
> what encryption / decryption techniques are available in the postgres
> database.
>
> We may have some sensitive/"personal information" (like customer name,
> account number etc )stored in the database
>
The problem with encrypting "account number" is that you can't JOIN or
WHERE on it. That's not always necessary, though. The pgcrypto module does
what it says, but requires application-level changes,
Encryption at rest can be accomplished with filesystem-level encryption,
and backup encryption. (PgBackRest has that feature, using AES-256. Don't
know about BarMan.)
From | Date | Subject | |
---|---|---|---|
Next Message | sud | 2024-02-16 21:04:20 | Re: Encryption Options |
Previous Message | Ron Johnson | 2024-02-16 19:03:40 | Re: Encryption Options |