Postgres Pro
Downloads
Home   >   mailing lists

Re: [GENERAL] PG and database encryption - Mailing list pgsql-general

From PT
Subject Re: [GENERAL] PG and database encryption
Date
Msg-id 20170822171349.792114939ca597cb71b599a5@potentialtech.com
Whole thread Raw
In response to [GENERAL] PG and database encryption  (rakeshkumar464 <rakeshkumar464@outlook.com>)
Responses Re: [GENERAL] PG and database encryption  (Scott Marlowe <scott.marlowe@gmail.com>)
List pgsql-general
Tree view 
On Tue, 22 Aug 2017 12:48:13 -0700 (MST)
rakeshkumar464 <rakeshkumar464@outlook.com> wrote:

> We have a requirement to encrypt the entire database.  What is the best tool
> to accomplish this. Our primary goal is that it should be transparent to the
> application, with no change in the application, as compared to un-encrypted
> database. Reading about pgcrypto module, it seems it is good for few columns
> only and using it to encrypt entire database is not a good use-case.
>
> Is this which can be done best by file level encryption?  What are the good
> tools on Linux (RHES), preferably open-source.

"encrypt the database" is bullshit wank terminology for "we're a government
agency and don't know what we're talking about"

On multiple occasions, I demonstrated that an unecrypted database was the
least likely disclosure vector for sensative data, and that we shouldn't
waste any time on it until we had ensured that all other breach vectors had
been fixed.  Over the course of 4 years at that job, we never managed to get
all the other (more likely) breach vectors secured.

While it's possible that you've already fixed all other breach
vectors, I'd be willing to bet actual money that you have not.
The very fact that you ask for something that "is transparent to the
application" tells me that you're not going to actually implement it
effectively anyway.

As a result, my opinion would be that you use filesystem encryption. It's
very efficient, low management overhead, and proven technology that doesn't
interfere with anything else you're doing. You can then check that box on
whatever form you have to fill out and the beaurocrats will leave you alone.
On top of that, it effectivley protects againts possible breach vectors that
don't require changing the application.

Real security will require changing the application. But take my word for it,
nobody wants to hear the list of breach vectors that can only be fixed by
modifying the application. Because people aren't interested in real security,
they're just interested in checking boxes on a form.

--
PT <wmoran@potentialtech.com>

pgsql-general by date:

Previous
From: John McKown
Date:
Subject: Re: [GENERAL] PG and database encryption
Next
From: Peter Koukoulis
Date:
Subject: [GENERAL] install the oracle data wrapper extension