On Fri, Feb 16, 2024 at 1:53 AM sud <suds1...@gmail.com> wrote: > Hello Friends, > > We are newly moving to postgres database (yet to decide if it would be an > on premise one or AWS aurora postgres). However , we want to understand > what encryption / decryption techniques are available in the postgres > database. > > We may have some sensitive/"personal information" (like customer name, > account number etc )stored in the database >
The problem with encrypting "account number" is that you can't JOIN or WHERE on it. That's not always necessary, though. The pgcrypto module does what it says, but requires application-level changes, Encryption at rest can be accomplished with filesystem-level encryption, and backup encryption. (PgBackRest has that feature, using AES-256. Don't know about BarMan.)
