Fujitsu Logo

    Data security is one of the top concerns for enterprises – Fujitsu Enterprise Postgres has the right tools for that

    With data becoming ever more valuable, organizations find themselves having to fend off cyber attacks that keep increasing in numbers and sophistication. This reality in turn gave rise to strict regulations that require tighter safeguards.

    Fujitsu Enterprise Postgres provides powerful tools to protect organizations from database security threats – Transparent Data Encryption to protect data at rest, Data Masking to redact data in-flight, and the Dedicated Audit Log to record database access and monitor suspicious/unauthorized activity.



    Transparent Data Encryption

    All data in Fujitsu Enterprise Postgres can be encrypted using Advanced Encryption Standard, a PCI DSS-compliant 256-bit encryption technology that is standard for the credit card industry.
    • Faster encryption/decryption by manipulation of entire blocks, instead of one bit at a time. Overhead is further minimized by using AES-NI built into the Intel and AMD processors.
    • Encrypt all application data with minimum impact – you no longer need to reduce the scope of encryption to ensure application performance.
    • Zero storage overhead in storage areas, as the encryption algorithm does not alter the size of the object being encrypted.
    • Existing applications do not need to be modified for migration, because data is automatically decrypted by the instance when it is read from disk.
    • Support for streaming replication, as objects encrypted on the primary server are transferred in its encrypted format to the standby server.
    Diagram - Transparent data encryption

    Data Masking

    Diagram - Data Masking

    Data masking minimizes security risk by enabling user-based confidentiality, altering original data while maintaining its usability. Fujitsu Enterprise Postgres implements data masking using a powerful yet user-friendly policy approach that allows flexibility in the redaction of different types of data to different types of roles.

    The masking can take place in 2 ways:

    • Offline data masking – Transfers data to another database while applying the specified policies – it is a one-off transformation that writes masked data to disk. Suitable for test environments and partner environments, where it can be used to generate realistic data without exposing sensitive information.
    • Online data masking – Applies masking policies dynamically, as data is read from the disk. Used in production environments to hide sensitive data.

    The implementation allows 3 types of data redaction:

    • Full masking – Redacts the entire specified column with replacement values
    • Partial masking – Masks only portion of the specified column
    • Regular expression masking – Applies a regular expression to the column's value

    Dedicated Audit Log

    Fujitsu Enterprise Postgres extends PostgreSQL's auditing by allowing the system to save audit records to a separate file – the Dedicated Audit Log.

    Users can configure which operations to audit and send to the dedicated file. Audit records are then written by asynchronous workers, further reducing the overhead of log operations.

    This provides an easy and efficient way for auditors and data security experts to collect and analyze information on database activity and use it to:

    • Comply with regulatory requirements
    • Assist in regular monitoring for unauthorized/inappropriate use
    • Provide insight into who, how, and when data is accessed
    • Demonstrate to customers and regulators that the organization has a comprehensive data management policy in place
    Diagram - Dedicated Audit Log

    Want to know more?

    Visit our Resources page to learn more about Fujitsu Enterprise Postgres and its advanced security, high availability, and improved performance capabilities.

    Thumbnail: White Paper Data Masking Thumbnail: White Paper Dedicated Audit Log Thumbnail: White Paper High Availability


    Read our latest blogs

    Read our most recent articles regarding all aspects of PostgreSQL and Fujitsu Enterprise Postgres.