Introducing Crunchy Data Warehouse: A next-generation Postgres-native data warehouse. Crunchy Data Warehouse Learn more

Crunchy Data Brings Enterprise Open Source PostgreSQL to U.S. Government with New DISA Security Technical Implementation Guide

Avatar for Crunchy Data

Crunchy Data

3 min read

Crunchy Data is pleased to announce the publication of a PostgreSQL Security Technical Implementation Guide (STIG) by the U.S. Department of Defense (DoD), making PostgreSQL the first open source database with a STIG.

Charleston, S.C.: Crunchy Data — a leading provider of trusted open source PostgreSQL and enterprise PostgreSQL technology, support and training — is pleased to announce the publication of a PostgreSQL Security Technical Implementation Guide (STIG) by the U.S. Department of Defense (DoD), making PostgreSQL the first open source database with a STIG. Crunchy Data collaborated with the Defense Information Systems Agency (DISA) to evaluate open source PostgreSQL against the DoD’s security requirements and developed the guide to define how open source PostgreSQL can be deployed and configured to meet security requirements for government systems.

PostgreSQL is a powerful, open source, object-relational database system with more than 20 years of active development and a strong global development community. Commercial enterprises and Government agencies with a focus on advanced data management can benefit from PostgreSQL’s proven architecture and reputation for reliability, data integrity, and cost effectiveness.

Crunchy Certified PostgreSQL, Crunchy Data’s trusted 100% open source PostgreSQL distribution, eases STIG compliance by providing trusted open source PostgreSQL along with the requisite security enhancing Audit Logging Extensions. Crunchy Certified PostgreSQL also includes popular extensions such as PostGIS, a geospatial extension for PostgreSQL.

To ensure that Crunchy Certified PostgreSQL represents the most trusted open source enterprise PostgreSQL distribution, Crunchy Certified PostgreSQL has received Common Criteria Evaluation Assurance Level (EAL) 2+ certification, an international standard for computer security certification, Crunchy Certified PostgreSQL is the first commercially available open source relational database management system to receive Common Criteria certification.

“We are very proud of our working relationship with DISA and the resultant STIG being announced today. This STIG, combined with our Common Criteria certification, will help us support the U.S. government’s efforts to adopt open source software to reduce costs and unwanted vendor lock-in. Crunchy is committed to bringing the extraordinary cost effectiveness of open source PostgreSQL technology to the U.S. Defense community and to all database users who need to manage their information reliably, securely and efficiently.” said Crunchy CEO Bob Laurence.

Beyond the U.S. Government, the DISA PostgreSQL STIG offers security-conscious enterprises a comprehensive guide for open source PostgreSQL configuration and use. Enterprises can refer to the STIG as they consider open source PostgreSQL as an alternative to proprietary, closed source, database software.

About DISA STIG

STIGs are the configuration standards for DoD Information Assurance (IA) and IA-enabled devices/systems. Since 1998, DISA has played a critical role enhancing the security posture of DoD's security systems by providing the STIGs. The STIGs contain technical guidance to "lock down" information systems/software that might otherwise be vulnerable to a malicious computer attack.

About Common Criteria Certification

The Common Criteria for Information Technology Security is an international standard (ISO/IEC 15408) for computer security certification. Common Criteria provides assurance that the specification, implementation and evaluation of a computer security product has been conducted in a rigorous, standard and repeatable manner at a level appropriate for its target environment.

About Crunchy Data

Crunchy Data is a leading provider of trusted open source PostgreSQL and enterprise PostgreSQL technology, support and training. Crunchy Data offers Crunchy Certified PostgreSQL, the most advanced pure open source RDBMS on the market. Crunchy Data is a leading provider of Cloud Native PostgreSQL – providing open source, cloud agnostic PostgreSQL-as-a-Service solutions. PostgreSQL’s active development community, proven architecture and reputation for reliability, data integrity, and ease of use make it a prime candidate for enterprises looking for a robust relational database alternative to expensive proprietary database technologies. Learn more at www.crunchydata.com