Latest news with #PCIDSSv4.0
Techday NZ
20 hours ago
- Business
- Techday NZ
Percona launches free open source encryption for PostgreSQL data
Percona has introduced Transparent Data Encryption (TDE) for PostgreSQL as a fully open source and production-ready solution. This development allows organisations to encrypt data at rest, ensuring compliance with strict regulatory standards such as PCI DSS v4.0, while eliminating licensing fees and avoiding vendor lock-in. The new capability is designed to enable businesses to secure sensitive data on their PostgreSQL platforms without incurring additional costs or facing usage restrictions. The TDE extension, known as pg_tde, is being made generally available as part of the Percona Distribution for PostgreSQL. It aims to remove a significant obstacle that previously prevented many organisations from implementing enterprise-level data encryption in open source database environments. Until now, robust encryption options for PostgreSQL often came with proprietary licensing agreements or were not considered suitable for production use within regulated industries. Organisations in sectors ranging from finance to healthcare and eCommerce are increasingly required to comply with regulations such as GDPR, HIPAA, SOX, and PCI DSS v4.0. These standards often mandate strong encryption protocols to safeguard cardholder data and other sensitive information, with storage encryption alone now frequently deemed insufficient. "Data security and compliance are top priorities for organizations in every industry, but too often, robust encryption has been locked behind paywalls or proprietary add-ons," said Liz Warner, CTO of Percona. "With the launch of TDE for PostgreSQL, Percona is leveling the playing field—giving every business access to enterprise-grade data-at-rest protection without licensing fees or restrictions. This is a major step forward for open source, and a win for every organization that values transparency, flexibility, and security." The TDE solution provides several features intended to address business needs for secure database management. It encrypts all database files on disk, limiting the risk of data exposure should storage be compromised. Organisations can employ granular encryption policies, with the ability to encrypt at the table level and use individual keys for each database, supporting multi-tenant environments and enabling tailored encryption strategies. One of the solution's notable attributes is seamless integration, allowing businesses to introduce encryption into their back-end systems without making changes to application code or disrupting existing operations. Key management is streamlined via integration with major Key Management Services (KMS) including Hashicorp, Thales, Fortanix, and OpenBao, assisting businesses in enforcing security policies and managing encryption keys. Encrypted databases can also benefit from online key rotation and continued encryption management with minimal operational overhead. According to Percona, the encryption has a minimal performance impact, meaning organisations can enhance security without compromising user experience or system speed. Percona is offering 24/7 support and related services for businesses deploying pg_tde, include assistance with initial setup, configuration, and ongoing management. The extension is immediately available as part of the Percona Distribution for PostgreSQL and is supported under Percona's broader service offerings. The launch comes at a time when many organisations are seeking ways to comply with increasingly stringent data privacy and security standards while also maintaining the freedom and flexibility offered by open source technologies. The removal of licensing fees and usage restrictions is expected to make it accessible to organisations of varying sizes, including those without large IT budgets. Follow us on: Share on:
Channel Post MEA
26-06-2025
- Business
- Channel Post MEA
Akamai Expands API Security To Address Visibility Gaps From Code To Production
Akamai Technologies has announced new Akamai API Security enhancements designed to help customers stay ahead of evolving threats to APIs. The improvements come as Akamai's API security offering earns recognition through both prestigious industry awards and customer adoption. APIs power everything from mobile apps to online banking, but their growing use has made them a top target for cyberattacks. As threats multiply, companies are racing to secure their APIs without sacrificing speed or innovation. Akamai's latest API Security enhancements address visibility gaps across the API development and production lifecycle. These enhancements include: Managed Service for API Security: The first managed service built specifically for API security, it combines real-time monitoring, expert response, and clear guidance to help organizations catch threats early and cut risk. The first managed service built specifically for API security, it combines real-time monitoring, expert response, and clear guidance to help organizations catch threats early and cut risk. Integration with code repositories: This integration lets teams scan API specifications and code to spot risks before launch — even for APIs that haven't gone live yet. This integration lets teams scan API specifications and code to spot risks before launch — even for APIs that haven't gone live yet. Compliance Dashboard: This dashboard gives teams a centralized view to check how their APIs stack up against key security and privacy standards — like the Payment Card Industry Data Security Standard (PCI DSS v4.0), the General Data Protection Regulation (GDPR), and the MITRE ATT&CK framework — making audits easier and reducing compliance risk. Akamai customers increasingly highlight the benefits of API Security: 'Akamai API Security gives us a clear view of what data is being used and how, enabling us to minimize our attack surface while still delivering the best service possible to our customers.' — CTO of an insurance company '[API Security] is the lighthouse for my AppSec team: Now we know what to focus on. It's a major data security tool for us. The deployment was very easy and they were true partners in the process. Now we can assess our risk in the most scientifically true way possible and control our destiny.' — CISO of a software company 'The tool is robust and responsive, and has given us peace of mind that we have visibility of everything happening at the API level.' — Executive in a healthcare and life sciences organization Akamai's security solutions win awards Three of the technology sector's top industry accolades were recently awarded to Akamai's security solutions. 'Companies are realizing that APIs are a prime target for attackers and securing them is essential to staying resilient, especially in the AI era,' said Rupesh Chokshi, Senior Vice President and General Manager of Akamai's Application Security Portfolio. 'It's great to see the traction we're getting in both adoption and recognition. It tells us we're solving real problems for our customers.'
