Banner Default Image

PostgreSQL Database Encryption Solutions

postgresql logo

PostgreSQL object-relational database has a long history of reliability, and because of this reputation, has earned a wide adoption, now available in nearly every operating system, Customers choose this reliable (and also easily customizable) solution to serve data to a wide range of workloads from small single-machine applications to large web-facing applications with large numbers of concurrent users.

Inevitably, organizations adopt this technology to store and serve valuable customer data – data that needs security to keep it safe from unauthorized users and compliant with industry regulations.

PostgreSQL data security from Thales

Fortunately, PostgreSQL users can have a reliable security approach in encryption. Encryption mitigate threats posed by hackers and privileged users, yet also addresses many of the compliance concerns that surround sensitive customer data.

Data secured with encryption remains protected from unauthorized wherever it travels or resides precisely because security is attached directly to the data itself. Thales offers customers a number of encryption and tokenization solutions to secure data across its lifecycle anywhere in the enterprise.

Thales ProtectFile: File System-Level Encryption

Protect your files, folders and shares transparently


Thales ProtectFile is an easy to deploy, versatile file-system level encryption solution that secures PostgreSQL database data. As an agent that operates at the operating system layer, organizations don't need to change their applications, infrastructure or operations for encryption to keep their data safe. Its versatility extends beyond securing PostgreSQL databases. Thales ProtectFile can also be used to secure such databases as IBM DB2, Microsoft SQL, Oracle, NoSQL, MySQL, Sybase and SAP HANA all with minimal performance impacts.

Built-in policy-based access controls restrict access to encrypted data to mitigate the risks posed by privileged users such as database or cloud administrators while giving authorized users access to the data they need.

Since encryption attaches security directly to the file itself, any backed-up or replicated copy of the database with remain encrypted to keep data safe wherever it goes.

Learn more about Thales ProtectFile

Thales ProtectV: Full Disk Virtual Machine Encryption

Encrypt your virtual machine instances


Thales ProtectV Thales ProtectV encrypts virtual machines running PostgreSQL databases including their associated storage volumes, snapshots, backups, and partitions.

Pre-boot authentication for each virtual machines ensures that encrypted virtual machines cannot be copied or spun-up by unauthorized users attempting to move them to other environments.

Thales ProtectV makes PostgreSQL a feasible option in virtualized and cloud environments by letting users preserve ownership and control of their data at all times.

Learn more about Thales ProtectV

Thales ProtectApp: Application-Level Encryption

Secure your application-level data

TestThales ProtectAppThales encrypts data at the application level to secure data by either column or field within PostgreSQL databases. Easy to use standards-based APIs let customers integrate Thales ProtectApp directly into their application to secure data as it is generated.

Encrypting the data so early in its lifecycle keeps it safe wherever it goes without requiring any architectural changes to the database.

Thales ProtectApp includes a rich interface and broad standards based support so developers can incorporate it easily into their applications. To further make development on Thales ProtectApp easier, Thales offers customers software development kits (SDKs), sample code, and technical expertise.

Learn more about Thales ProtectApp

Thales Tokenization: Application-Level Tokenization

Format-preserving tokenization for PostgreSQL


Thales Tokenization protects high value information in PostgreSQL databases by replacing it with a surrogate value or "token" without changing the database table or the file layout.

Systems protected with tokenization are removed from the audit scope of certain regulations such as PCI DSS.

And, since Thales Tokenization is integrated into the application layer, no architectural changes are required to the PostgreSQL implementation.

Learn more about Thales Tokenization

Why You’ll Love Our PostgreSQL Database Encryption

Database-Encryption imageThales data protection portfolio offers an array of options to secure PostgreSQL databases. The Thales portfolio give user the tools they need to secure data anywhere in its flow — from creation to storage — regardless of the challenges and constraints involved.

Thales Solutions Offer:

  • Format Preserving Encryption (FPE)
  • API-based encryption libraries
  • Chef and Docker integrations
  • Broad use case support for both on-premises and cloud service providers 
  • Centralized key and policy management

In short, Thales data protection solutions address customers' PostgreSQL security needs without impacting their operations or bottom line.