PCI DSS Archives

Tech Optimizer

June 22, 2026

The database that refused to die: How Postgres survived its own creators

Postgres, originally developed by Michael Stonebraker in the early 1980s, is an open-source database system that evolved from Ingres. It was designed to handle complex data types and introduced user-defined data types, operators, and functions, leading to the support for abstract data types (ADTs). The initial commercialization of Postgres occurred through a startup named Illustra, later acquired by Informix. In 1995, graduate students Andrew Yu and Jolly Chen revived Postgres, transitioning it from QUEL to SQL, resulting in Postgre95, which evolved into PostgreSQL. Today, Postgres is one of the most popular database systems globally, known for its extensibility and high code quality. However, it currently lacks features like file-level encryption (TDE), which are standard in commercial systems, relying instead on the operating system for encryption. Efforts to implement TDE have faced challenges due to the complexity of required code changes.

Tech Optimizer

May 22, 2026

AI Data Platform Modernization in Financial Services | Microsoft Azure PostgreSQL | The Microsoft Cloud Blog

Financial service institutions are increasingly exploring AI applications to alleviate operational burdens and gain a competitive edge, but face challenges with legacy data infrastructures that may not meet modern demands. The need for continuous availability and compliance is critical, as even brief downtime can have catastrophic consequences. Aging databases struggle with high-volume transactions and real-time analytics, prompting a focus on predictive maintenance and infrastructure automation. Microsoft Azure's PostgreSQL managed services, including Azure Database for PostgreSQL, address these challenges by providing flexible performance scaling and ensuring high availability. The service can trigger automatic failover within 60 to 120 seconds during outages, guaranteeing up to a 99.99% availability SLA. It supports read replicas for offloading analytics without impacting primary database performance and offers layered security controls, including encryption at rest and network isolation. Azure Database for PostgreSQL simplifies compliance with standards such as PCI DSS and SOC by enabling centralized identity and access management through Microsoft Entra ID authentication. It integrates seamlessly with the Microsoft ecosystem, allowing organizations to connect data to analytics and AI services without complex ETL processes. BNY Mellon successfully modernized its data platform by migrating to Azure Database for PostgreSQL in nine months, achieving improved resilience and allowing engineering teams to focus on innovation. The platform supports high availability, backup capabilities, and extensibility, empowering financial institutions to remain innovative in the era of AI.

Tech Optimizer

April 8, 2026

PostgreSQL logical replication: How to replicate only the data that you need

Many organizations using PostgreSQL face challenges in replicating data across different logical databases while controlling shared information. PostgreSQL 15 introduces native logical replication with column-level and row-level filtering within publications, allowing precise control over data transfer between PostgreSQL databases. Logical replication operates on a publish-subscribe model, where the source database logs changes to the Write-Ahead Log (WAL) and applies publication filters to transmit only the relevant data to the target database. Two filtering modes are available: column-level filtering allows users to specify which columns to replicate, while row-level filtering uses WHERE clauses to determine which rows to include. Both filtering modes can be combined in a single publication. The SQL syntax for creating publications and subscriptions is consistent across various PostgreSQL environments, with specific configurations required for enabling logical replication. Use cases for logical replication include multi-tenant SaaS data isolation, regional data distribution for ecommerce, PCI DSS compliance in financial services, development and testing environments, and retail inventory management. Prerequisites for implementing logical replication include using PostgreSQL 15 or later, ensuring network connectivity, having a user with replication privileges, enabling logical replication on the source instance, and monitoring WAL retention. Logical replication has limitations, such as the need for a replica identity for UPDATE and DELETE operations, the non-replication of DDL changes and sequences, and potential performance overhead during initial synchronization and ongoing replication. After testing, it is advisable to clean up by removing replication resources to prevent unnecessary costs.

Tech Optimizer

November 25, 2025

Protect sensitive data with dynamic data masking for Amazon Aurora PostgreSQL

Amazon Aurora PostgreSQL-Compatible Edition has introduced a dynamic data masking feature that provides column-level protection, enhancing security alongside PostgreSQL’s row-level security. This feature is available for Aurora PostgreSQL versions 16.10 and higher, as well as 17.6. Dynamic data masking allows organizations to maintain a single copy of their data while applying role-based access controls, ensuring sensitive information is protected in real-time without data duplication. The pg_columnmask extension enables policy-based masking and runtime query rewriting, allowing different users to see varying levels of data based on their roles. For example, customer service representatives may see only the last four digits of account numbers, while executives see full details. The feature supports compliance with regulations such as GDPR, HIPAA, and PCI DSS. Users can create masking policies using standard SQL commands, and the policies can be defined to utilize built-in or custom functions for data masking.

Tech Optimizer

November 22, 2025

Percona Brings Transparent Data Encryption to Postgres

Percona introduced an open-source Transparent Data Encryption (TDE) extension for its PostgreSQL distribution at KubeCon+CloudNativeCon North America, addressing the demand for data protection solutions, particularly among financial institutions concerned about vendor lock-in. The TDE extension, named pg_tde, operates transparently, allowing users to input and query data without changes to interactions or schemas, while unauthorized access reveals only encrypted information. It supports all major key management services and is included in Percona's PostgreSQL distribution without additional licensing fees. The TDE solution helps organizations comply with standards like GDPR, HIPAA, SOX, and PCI DSS v4.0, offering benefits such as open-source readiness, stronger data protection, user-controlled encryption, seamless integration, centralized key management, effortless online encryption, and trusted support. Percona also offers solutions for MySQL and MongoDB and supports emerging technologies like Valkey.

Tech Optimizer

September 27, 2025

Antivirus Statistics 2025: Revealing Growth & Usage

The global antivirus software market is projected to reach approximately billion by 2025 and grow at a compound annual growth rate (CAGR) of around 6.9% through 2029. By 2025, 84% of users are expected to have antivirus software installed on their computers, and approximately 68% will have antivirus protection on their smartphones. In recent testing, antivirus products were evaluated against 212 test cases, with 560,000 new malware variants detected globally each day. Microsoft Defender and Norton achieved perfect protection scores of 100% in evaluations conducted in June 2025. Microsoft is redesigning Windows to relocate antivirus and Endpoint Detection and Response (EDR) applications out of the kernel. In 2024, the U.S. government prohibited the sale of Kaspersky antivirus software due to national security concerns. Gen Digital anticipates revenue between .70 billion and .80 billion for 2026. The integration of AI into malware frameworks is pushing antivirus vendors to adopt machine learning-driven threat detection models. Antivirus plans are predominantly priced between and , with 32.1% of plans falling within this range. Only 3.6% of antivirus options are free, and 93% of products offer a 30+ day money-back guarantee. 79% include defenses against ransomware and phishing attacks, and 61% come with a built-in firewall. The average maximum coverage per antivirus subscription extends to 24 devices. In 2024, around 121 million Americans used third-party antivirus software, with 17 million adults intending to adopt antivirus software within six months. Among users of commercial antivirus software, 74% reported encountering malware in the past year. Detection effectiveness in malware tests often surpasses 99% for leading antivirus products, while false positive rates vary significantly. Symantec leads the Windows antivirus market with a share of 13.81%, followed by AVAST Software (11.93%) and ESET (11.03%). Approximately 560,000 new malware variants are identified daily, and there are over 1 billion documented malware samples worldwide. Ransomware attacks targeting Windows constitute around 93% of all enterprise ransomware incidents. In 2024, 17% of U.S. adults reported using antivirus software on mobile phones, with 73% opting for paid versions. Free antivirus solutions typically offer basic features but lack advanced modules. The enterprise antivirus market is projected to reach approximately .0 billion by 2024, with significant growth expected in the coming years. North America holds approximately 48.3% of the global antivirus market share, while Europe experiences growth due to regulations. IoT devices are increasingly targeted, with unpatched firmware responsible for about 60% of IoT breaches. The average cost of an IoT security failure incident is approximately 0,000. Typical antivirus subscriptions range from to 0 per year, with many vendors offering multi-device bundles.

Tech Optimizer

July 7, 2025

Percona offers clear view into Transparent Data Encryption

Percona has launched its Transparent Data Encryption (TDE) extension for PostgreSQL, designed to secure sensitive data at rest without licensing fees or usage restrictions. TDE automatically encrypts and decrypts data at the database layer, protecting backups and transaction logs, with encryption keys stored separately. The pg_tde extension supports compliance with regulations like GDPR, HIPAA, SOX, and PCI DSS v4.0, and allows users to encrypt all database files, apply encryption at the table level, and maintain control over their encryption strategies. It integrates with Key Management Services (KMS) providers and requires a patched PostgreSQL server to function. Percona aims to extend pg_tde to Community PostgreSQL, with some code already contributed for review. The extension is included in the Percona Distribution for PostgreSQL, which also offers support and consulting services for TDE setup and configuration.

Tech Optimizer

July 4, 2025

Percona launches free open source encryption for PostgreSQL data

Percona has introduced Transparent Data Encryption (TDE) for PostgreSQL as a fully open-source and production-ready solution, enabling organizations to encrypt data at rest and comply with regulations like PCI DSS v4.0 without incurring licensing fees. The TDE extension, named pg_tde, is now part of the Percona Distribution for PostgreSQL and addresses barriers to adopting enterprise-level data encryption in open-source environments. Key features include encryption of all database files on disk, granular encryption policies, seamless integration into existing systems, and streamlined key management with major Key Management Services. The solution supports online key rotation and has minimal performance impact. Percona also provides 24/7 assistance for setup and management, making the solution accessible to organizations of all sizes.

Tech Optimizer

July 1, 2025

Percona Launches First-Ever Open Source Transparent Data Encryption for PostgreSQL

Percona has launched its Transparent Data Encryption (TDE) extension for Percona for PostgreSQL, enabling organizations to secure sensitive data at rest and comply with regulations without incurring licensing fees or vendor lock-in. The TDE extension provides automatic and transparent encryption of data, supports compliance with regulations like GDPR, HIPAA, SOX, and PCI DSS v4.0, and offers features such as open-source availability, stronger data protection, granular user-controlled encryption, seamless integration, centralized key management, minimal performance impact, and trusted support services. The pg_tde extension is now part of the Percona Distribution for PostgreSQL, enhancing security for customers needing encryption compliance.

AppWizard

June 21, 2025

Understanding Android 14 Privacy Changes: Key Insights

The introduction of Android 14 features a sophisticated permissions model that requests app permissions only when needed, allowing users to choose between "approximate" and "precise" location access. Apps handling transactions must justify their need for real-time access. Background location usage must be disclosed in Play Store listings, and developers must complete Data Safety Forms. Android enforces scoped storage, isolating apps in sandboxed environments to reduce data leakage risks. Visual indicators for microphone and camera usage were introduced in Android 12, and Android 14 requires apps to specify the nature of access. In-app transactions in gaming apps must meet elevated security standards, including encryption and biometric logins, and undergo audits under PCI DSS. Background access for location services requires clear justification, and developers must submit a Permission Declaration Form. Google Play mandates disclosure of third-party SDKs and their data practices. User awareness is emphasized through concise permission dialogs and Data Safety summaries in Play Store listings. Secure login protocols like OAuth 2.0 are required for sensitive applications, with stronger encryption mandates. Apps for children must comply with COPPA and GDPR-K regulations, with manual reviews by the Play Store. Google's Privacy Sandbox initiative aims to enhance privacy in advertising practices, with expected rollout in 2024.