Enquo, for “ENcrypted QUery Operations”, provides the ability to query encrypted data in popular database servers.
Your application encrypts the data, inserts in the database in its encrypted form, and nobody can read it again until it is loaded by your application. The database never knows what the data is, because it remains encrypted at all times in the database.
Why do I need this?
Because data leaks or gets stolen all the time. Strong encryption is one of the best ways to ensure that your sensitive data is kept safe.
However, when you encrypt data, you can’t search it. If you can’t search your data, you can’t build the features you need.
Or, you can use Enquo.
Enquo encrypts your data in your application, before it is written to the database. But the encryption format allows the database to execute queries without knowing what the data is.
Sounds great, how do I use it?
We currently support PostgreSQL 11+ and Rails ActiveRecord as an ORM. Support for more databases, languages, and ORMs is a work-in-progress.
But I’m not using Rails!
We’re hard at work adding support for more languages and ORMs. If you’d like to get involved, and develop support for your personal preferred technology, check out our contributor guide for some basic pointers on how to get started.
If you want Enquo support for a new technology, but don’t have coders on-hand, EnquoDB is the commercial arm of the project, offering development, consulting, and training.
I have more questions…
That’s OK, we probably have answers.
If you’re curious about whether Enquo solves the specific threats your data is facing, our threat models and security properties page is where you want to go. You may also be interested in the minutiae of how Enquo works.