In order to explain why Encrypted Tablespaces matter we need to go back to the early 2000s, back to when I used to develop e-commerce stores – lots of them, over 800 in fact. Most of them were for the music industry, as well as for a few global charities and financial services companies.
These e-commerce systems needed to be built on a rock solid, standards-compliant foundation, and after some hunting around, I discovered the community version of PostgreSQL.
I couldn’t believe something with the power of Oracle was available free of charge.
The speed and stability were incredible. I was able to run pretty much anything I wanted on it without any problems whatsoever - so I jumped straight in. Even though PostgreSQL is highly secure when directly accessed, I was always worried about the security of my clients’ gigabytes of data. All it needed was one clever hacker to get into the system to steal the lot. I obviously didn’t want this to happen to me, so I vigilantly applied my patches, ran my security scans, encoded user passwords with the best encryption, individually salted the passwords and so on.
However, the nagging doubts persisted.
What if there was someone out there who could still outwit me and get the entire database in one go? Perhaps they would take the whole set of database files from the server’s disks and then extract the data at their leisure. Or they might break into the data centre to physically remove the servers. More likely, they could break into my office and steal my development equipment where I stored sensitive data. Thankfully, this never happened, but I had every reason to be concerned and those doubts didn’t lessen over the years.
That was, of course, until I finally found a solution that has allayed all my fears since: Encrypted Tablespaces.
Simply put, a tablespace is a designated area on a server’s storage system where a database is stored. You have a default tablespace when you set up PostgreSQL, and you can set up more of them, perhaps spreading your databases on different disks for speed reasons, and so on. Fujitsu have created the tools to fully encrypt that whole tablespace to the AES 256 encryption standard in real time, and the encryption is fully PCI DSS compliant.
You might think the encryption key is stored on the same server and this could be a problem. Well, it is stored on the same server, but it is also heavily encrypted with a passphrase that you enter when the server is booted up. This means that even if bad guys manage to run off with your server, there’s nothing they can access.
They could try all sorts of simple yet smart stuff, like logging into your UNIX server using single user mode (you did make sure that your single user login still required a password, I hope?). Or they could try to mount your drive onto another server to bypass the password security. Perhaps you didn’t realise a Windows password can be removed trivially if you have the drive in your possession. None of this matters, because tablespace encryption solves all those problems.
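The setup described above (a passphrase-protected key on the server and an AES-256 encrypted tablespace) looks roughly like this in SQL. This is an added example, not code from the original post: it uses the keystore functions and tablespace option from the FUJITSU Enterprise Postgres transparent data encryption documentation, which should be confirmed against the Operation Guide for your release, and every path, object name and passphrase is a placeholder.

```sql
-- Added example. Paths, names and the passphrase are placeholders.
-- Prerequisite in postgresql.conf (then restart the server):
--   keystore_location = '/path/to/keystore'

-- 1. One time only: create the keystore and set the master key.
--    The keystore file stays on the server, protected by this passphrase.
SELECT pgx_set_master_key('<passphrase-placeholder>');

-- 2. After every server start: open the keystore with the passphrase.
--    Until this is done, data in encrypted tablespaces cannot be read.
SELECT pgx_open_keystore('<passphrase-placeholder>');

-- 3. Create a tablespace whose files are encrypted with AES-256.
CREATE TABLESPACE secure_tablespace
    LOCATION '/path/to/encrypted/tablespace'
    WITH (tablespace_encryption_algorithm = 'AES256');

-- 4. Put sensitive tables in it. A primary-key index follows
--    default_tablespace rather than the table's tablespace, so name the
--    encrypted tablespace for the index as well.
CREATE TABLE customer_orders (
    order_id       bigint PRIMARY KEY USING INDEX TABLESPACE secure_tablespace,
    customer_email text NOT NULL,
    shipping_addr  text
) TABLESPACE secure_tablespace;

-- 5. Check which tablespaces are encrypted and with which algorithm.
SELECT ts.spcname, tsx.spcencalgo
FROM pg_tablespace ts
JOIN pgx_tablespaces tsx ON ts.oid = tsx.spctablespace;
```

Tables and indexes left in an unencrypted tablespace, including the default one, are not covered, so step 5 is worth running after any schema change.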
The joy of discovering such a valuable addition to PostgreSQL almost silences that tiny voice in my head which occasionally asks: where was this feature 15 years ago?
While I think of it - that gets me to another feature of FUJITSU Enterprise Postgres that I wish was around when I first set out on my PostgreSQL journey – Data Masking. But more on that in my next post.
If you are interested in learning more about Encrypted Tablespaces and how they may improve your PostgreSQL database, please contact us directly. Fujitsu provides 24/7 Australian-based PostgreSQL support and services, DBA and developer training, and our own enhanced version of PostgreSQL - FUJITSU Enterprise Postgres.