The Azure open source database team that I lead is 100% focused on security. We live, eat, and breathe security. After all, many of you rely on national and industry standard security controls to develop and improve your INFOSEC defenses. And of course you expect the same level of security and due diligence when you build your open source workloads on Azure cloud.
Note, our Postgres managed database service on Azure also has another deployment option, Hyperscale (Citus), which enables you to scale out your Postgres database horizontally across a server group. Hyperscale (Citus) is a powerful and secure option for those who need the performance and scale of a multi-machine database cluster.
Because the Hyperscale (Citus) deployment option GA’d in November 2019, it has not yet achieved the same compliance certs as our single server deployment option for Postgres. Moving forward, as the Hyperscale (Citus) compliance certificates become available, we’ll be sure to blog about it. In the meantime, you can always reach out to our team at AskAzureDBforPostgreSQL@service.microsoft.com if you need important security certs and you don’t (yet) see them in the compliance cert table below.
Notable Compliance Certs for For Azure Database for PostgreSQL - Single Server
Our single server deployment option for Azure Database for PostgreSQL has achieved a comprehensive set of national, regional, and industry-specific compliance certifications in our Azure public cloud to help you comply with requirements governing the collection and use of your data.
Our open source database team is continuing to pursue even more compliance certifications for Azure Database for PostgreSQL—for both Single Server and Hyperscale (Citus) which we will share in future posts about security, and as part of our documented compliance offerings for Azure.
I’ll be talking about even more security capabilities in future blog posts
In addition to all the certifications above for Postgres, our team has also been busy rolling out new security features on Azure Database for PostgreSQL that we'll be blogging about next. These new Postgres features on Azure include high-demand capabilities such as data encryption for data at rest (we often call this 'bring your own key' or (BYOK) as well as double encryption); data security in motion (TLS and SSL); network security (firewall, service endpoint, private link); and access methods (native authentication and AAD authentication).
We also offer the Azure IP Advantage for Azure services running open source technologies. The Azure IP Advantage provides best-in-industry intellectual property protection, uncapped indemnification, the ability to deter and defend lawsuits with patent pick, and broad protection with a springing license.
We’re committed to make Azure the most secure cloud in the world for you and your applications. I’m looking forward to sharing more with you about the new security features we’ve been rolling out for Azure Database for PostgreSQL (as well as the ones our engineering team is actively working on right now).