Hi,
We have web application and encrypt PII columns. We use encrypt/decrypt function for this.
Currently we hard coded the key in postgresql function which I am not sure of it.
I did google it and people suggest that it needed to be stored in physically isolated location (storing decryption key on the same server as the data is kind of like writing your PIN on your ATM card).
I would like to know how postgres professionals handles this.
Thank you very much for your time in advance.
Naoko
