If you’re running PostgreSQL in a regulated industry, you know the frustration: your compliance auditor demands data-at-rest encryption, but PostgreSQL doesn’t offer it natively. Your only options in the past? Pay premium prices for proprietary forks or accept compliance gaps that keep you awake at night.
Percona has changed that.
With Percona for PostgreSQL, you now get access to pg_tde, our Transparent Data Encryption (TDE) extension that brings true open source encryption at rest to PostgreSQL. No closed code. No paywalled features. No license agreements waiting to surprise you later. Just the security you need, included in Percona for PostgreSQL, free to adopt, extend, and rely on.
Why pg_tde matters for PostgreSQL security
Organizations subject to GDPR, HIPAA, SOX, or PCI DSS v4.0 quickly discover that storage-level encryption alone won’t satisfy auditors. You need database-level encryption that protects data files even if attackers breach your perimeter defenses.
Until now, that meant:
- Proprietary solutions with unpredictable licensing costs
- Vendor lock-in that limits your technology choices
- Hidden fees that emerge during renewals
- Closed-source code you can’t audit or extend
What makes Percona’s Transparent Data Encryption different
Percona built pg_tde into Percona for PostgreSQL to solve a real customer problem: the need for enterprise-grade PostgreSQL security without being pushed into proprietary software. Here’s what sets it apart:
- Open source and production-ready: The only PostgreSQL Transparent Data Encryption option that is fully open source. pg_tde is part of Percona for PostgreSQL, not gated behind subscriptions or hidden licensing.
- Stronger data protection: Encrypts data files automatically, ensuring compliance and peace of mind if your storage is compromised.
- No application changes required: Deploy without touching your existing PostgreSQL applications.
- Centralized key management: Percona provides centralized management and integrations with leading Key Management Services (KMS) like HashiCorp, Thales, Fortanix, and OpenBao, helping you enforce consistent security policies across your organization.
- Minimal performance impact: pg_tde encrypts your data with minimal overhead, so you can protect it without compromising speed or user experience.
- Backed by trusted support: Percona’s 24/7 Support and Services are available, from setup to performance tuning and compliance audits.
pg_tde 101: What you need to know
Want to learn more about how pg_tde works, why Percona built it, and how it fits into your compliance strategy? Check out our pg_tde 101 guide embedded below. It answers the most common questions from IT leaders and database teams evaluating Transparent Data Encryption for PostgreSQL.
