PostgreSQL is an open source, object-relational database built with a focus on extensibility, data integrity, and speed. Its concurrency support makes it fully ACID-compliant, and it supports dynamic loading and catalog-driven operations to let users customize its data types, functions, and more.
As a managed service provider, DigitalOcean provides stability and security to your database clusters. However, some best practices for database management still fall under the user’s responsibility. For example, while DigitalOcean takes full responsibility for hosting physical infrastructure and ensuring network security, users are responsible for managing client-side encryption, the database firewall, and access to data.
To ensure the security of your database clusters, the following shared responsibility model describes exactly which operations and security measures users are responsible for and which DigitalOcean is responsible for:
|User’s Responsibilities||DigitalOcean’s Responsibilities|
|Manage users and their permissions||Ensure physical security of servers and OS|
|Control network access through trusted sources||Provide backup and recovery options (PITR, restore from backup, fork databases)|
|Monitor database performance by creating alert policies||Monitoring via health checkups and auditing database logs|
|Add high availability and scalability||Provide standby and read-only nodes, automated failover|
|Protect cluster’s data (unauthorized access, data validation)||Encrypt data at rest (LUKS) and in transit (SSL)|
|Optimize databases and queries||Provide data durability and redundancy|
|Change variables via the DO API||Restart databases|