Downloads
Blog
Contact Us

What is Percona’s Transparent Data Encryption Extension for PostgreSQL (pg_tde)?

September 16, 2025
Author
David Quilty
Share this Post:

If you’re running PostgreSQL in a regulated industry, you know the frustration: your compliance auditor demands data-at-rest encryption, but PostgreSQL doesn’t offer it natively. Your only options in the past? Pay premium prices for proprietary forks or accept compliance gaps that keep you awake at night.

Percona has changed that.

With Percona for PostgreSQL, you now get access to pg_tde, our Transparent Data Encryption (TDE) extension that brings true open source encryption at rest to PostgreSQL. No closed code. No paywalled features. No license agreements waiting to surprise you later. Just the security you need, included in Percona for PostgreSQL, free to adopt, extend, and rely on.

Why pg_tde matters for PostgreSQL security

Organizations subject to GDPR, HIPAA, SOX, or PCI DSS v4.0 quickly discover that storage-level encryption alone won’t satisfy auditors. You need database-level encryption that protects data files even if attackers breach your perimeter defenses.

Until now, that meant:

  • Proprietary solutions with unpredictable licensing costs

  • Vendor lock-in that limits your technology choices

  • Hidden fees that emerge during renewals

  • Closed-source code you can’t audit or extend

What makes Percona’s Transparent Data Encryption different

Percona built pg_tde into Percona for PostgreSQL to solve a real customer problem: the need for enterprise-grade PostgreSQL security without being pushed into proprietary software. Here’s what sets it apart:

  • Open source and production-ready: The only PostgreSQL Transparent Data Encryption option that is fully open source. pg_tde is part of Percona for PostgreSQL, not gated behind subscriptions or hidden licensing.

  • Stronger data protection: Encrypts data files automatically, ensuring compliance and peace of mind if your storage is compromised.

  • No application changes required: Deploy without touching your existing PostgreSQL applications.

  • Centralized key management: Percona provides centralized management and integrations with leading Key Management Services (KMS) like HashiCorp, Thales, Fortanix, and OpenBao, helping you enforce consistent security policies across your organization.

  • Minimal performance impact: pg_tde encrypts your data with minimal overhead, so you can protect it without compromising speed or user experience.

  • Backed by trusted support: Percona’s 24/7 Support and Services are available, from setup to performance tuning and compliance audits.

pg_tde 101: What you need to know

Want to learn more about how pg_tde works, why Percona built it, and how it fits into your compliance strategy? Check out our pg_tde 101 guide embedded below. It answers the most common questions from IT leaders and database teams evaluating Transparent Data Encryption for PostgreSQL.

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments

Resources

RELATED POSTS

Far
Enough.

Said no pioneer ever.
Get Started
Open source database software from experts who stand with you in production. Forever free from lock-in and other corporate BS.
Connect
© 2026 Percona All Rights Reserved
Database Technology
PostgreSQL MySQL MariaDB MongoDB Valkey / Redis Databases on Kubernetes Monitoring & Management (PMM) Percona Toolkit
Services
Expert Support ExpertOps Expert Consulting Training Solution Bundles
Use Cases
Cost Optimization Performance and Reliability Sovereignty, Securty, and Compliance AI and Future Readiness
Company
About Percona Partners Careers Events Press Releases News
Terms of Use
|
Privacy
|
Copyright
|
Legal
|
Security Center
MySQL, PostgreSQL, InnoDB, MariaDB, MongoDB and Kubernetes are trademarks for their respective owners.
© 2026 Percona All Rights Reserved