Security Best Practices for Postgres

This white paper presents a framework and a series of recommendations to secure and protect a Postgres database. We discuss a layered security model that addresses physical security, network security, host access control, database access management, and data security. Most of the recommendations in this paper are applicable to PostgreSQL (the community edition) and to EDB Postgres™ Advanced Server (Advanced Server), the enterprise-class, feature-rich commercial distribution of PostgreSQL from EnterpriseDB® (EDB™). Advanced Server provides additional relevant security enhancements, such as edb_audit, SQL/Protect and Virtual Private Database (VPD) that are not available in the same form in PostgreSQL.