
Protect Data on Postgres with pgcrypto


Can someone clarify the difference among the different types of database encryption? I saw that a lot of people use pgcrypto, but they say that TDE is always the best choice. Is pgcrypto enough to respect GDPR?

I have already installed pgcrypto and tested it. It works fine.

The only guide I found for TDE on Postgres says that it is possible to use it by adding these lines to postgresql.conf:

  • keystore_location
  • tablespace_encryption_algorithm

And executing these lines of code:

  • select pgx_set_master_key 'passphrase'
  • pg_ctl --keystore-passphrase restart 'keystore location'

At the end you can create a new tablespace.

In the official Postgres docs, TDE is never explained. Thanks


Solution

  • You can use pgcrypto to implement an ALE (application-level encryption) that complies with GDPR; it's a perfect solution when you have a small amount of sensitive data (passwords, credit card info, etc.).

    But if that's not the case, encrypting a lot of data that you're constantly querying will impact the performance. In this situation, yes, TDE is the best choice because it works in a different way, encrypts the file containing the data, doesn't have the same performance impact, and it's centralized to ease the burden on the software developers.

    Unfortunately, TDE is not an option in the community version of PostgreSQL, but according to this link: https://www.postgresql.org/about/press/faq/, it will be available in the next release (16) by September 2023.
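The column-level use of pgcrypto that the answer describes, and the query cost it mentions, as an added example that is not part of the original question or answer. The table, column and setting names (`customer`, `app.enc_key`, `app.idx_key`) and all values are constructed for illustration.

```sql
-- Added example; table, column and setting names are hypothetical.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

CREATE TABLE customer (
    id            bigserial PRIMARY KEY,
    email         text  NOT NULL,
    password_hash text  NOT NULL,  -- one-way: crypt() with a bcrypt salt
    card_number   bytea NOT NULL,  -- reversible: pgp_sym_encrypt()
    card_lookup   bytea NOT NULL   -- keyed HMAC of the card number, indexable
);
CREATE INDEX customer_card_lookup_idx ON customer (card_lookup);

-- Constructed demo keys. The application supplies them per session;
-- they are not stored in the database.
SET app.enc_key = 'constructed-demo-encryption-key';
SET app.idx_key = 'constructed-demo-index-key';

INSERT INTO customer (email, password_hash, card_number, card_lookup)
VALUES (
    'alice@example.com',
    crypt('constructed-password', gen_salt('bf', 12)),
    pgp_sym_encrypt('4111111111111111', current_setting('app.enc_key')),
    hmac('4111111111111111', current_setting('app.idx_key'), 'sha256')
);

-- Password check: re-hash the candidate using the stored hash as the salt.
SELECT id FROM customer
WHERE email = 'alice@example.com'
  AND password_hash = crypt('constructed-password', password_hash);

-- Slow: the ciphertext is randomized, so an equality search on the
-- plaintext has to decrypt every row and cannot use an index.
SELECT id FROM customer
WHERE pgp_sym_decrypt(card_number, current_setting('app.enc_key'))
      = '4111111111111111';

-- Fast: match on the indexed HMAC, then decrypt only the row found.
SELECT id,
       pgp_sym_decrypt(card_number, current_setting('app.enc_key')) AS card_number
FROM customer
WHERE card_lookup = hmac('4111111111111111', current_setting('app.idx_key'), 'sha256');
```

Keys and plaintext passed in SQL text reach the server and can be captured by statement logging, so check the logging configuration before using this pattern with real data.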