Chirag Dave
Principal Database Specialist SA

Min-Hank Ho

Min-Hank Ho
VP, Product Management



Companies are modernizing their application stack by moving away from legacy, proprietary databases such as Oracle and MS SQL Server to PostgreSQL. But, PostgreSQL doesn’t even have the data security capabilities of these legacy databases, such as data-at-rest encryption. The lack of data protection means companies are not using PostgreSQL with their most sensitive data; the ones that require compliance with privacy regulations.

Enter AWS RDS with Trusted Language Extensions (TLE) and Baffle. AWS RDS has implemented TLE, which enables Baffle to cryptographically protect data in PostgreSQL. This combination provides access control to data and allows privileged database users to operate on encrypted data without decrypting the data. These capabilities are way beyond TDE, which was designed for the privacy regulations of yesterday (the on-premises era). With AWS and Baffle, you will meet today’s compliance requirements, such as PCI DSS v4, and that of the future.