diff --git a/migrations/V29__add_security_policies.sql b/migrations/V29__add_security_policies.sql
new file mode 100644
index 0000000..38453e7
--- /dev/null
+++ b/migrations/V29__add_security_policies.sql
@@ -0,0 +1,31 @@
+ALTER TABLE "public"."circle" ENABLE ROW LEVEL SECURITY;
+DROP POLICY IF EXISTS "circle_authenticated" ON "public"."circle";
+CREATE POLICY "circle_authenticated" ON "public"."circle" AS PERMISSIVE FOR ALL TO authenticated USING (true);
+
+ALTER TABLE "public"."circle_kpi_definition" ENABLE ROW LEVEL SECURITY;
+DROP POLICY IF EXISTS "circle_kpi_definition_authenticated" ON "public"."circle_kpi_definition";
+CREATE POLICY "circle_kpi_definition_authenticated" ON "public"."circle_kpi_definition" AS PERMISSIVE FOR ALL TO authenticated USING (true);
+
+ALTER TABLE "public"."circle_user" ENABLE ROW LEVEL SECURITY;
+DROP POLICY IF EXISTS "circle_user_authenticated" ON "public"."circle_user";
+CREATE POLICY "circle_user_authenticated" ON "public"."circle_user" AS PERMISSIVE FOR ALL TO authenticated USING (true);
+
+ALTER TABLE "public"."kpi_definition" ENABLE ROW LEVEL SECURITY;
+DROP POLICY IF EXISTS "kpi_definition_authenticated" ON "public"."kpi_definition";
+CREATE POLICY "kpi_definition_authenticated" ON "public"."kpi_definition" AS PERMISSIVE FOR ALL TO authenticated USING (true);
+
+ALTER TABLE "public"."kpi_user" ENABLE ROW LEVEL SECURITY;
+DROP POLICY IF EXISTS "kpi_user_authenticated" ON "public"."kpi_user";
+CREATE POLICY "kpi_user_authenticated" ON "public"."kpi_user" AS PERMISSIVE FOR ALL TO authenticated USING (true);
+
+ALTER TABLE "public"."kpi_values_history" ENABLE ROW LEVEL SECURITY;
+DROP POLICY IF EXISTS "kpi_values_history_authenticated" ON "public"."kpi_values_history";
+CREATE POLICY "kpi_values_history_authenticated" ON "public"."kpi_values_history" AS PERMISSIVE FOR ALL TO authenticated USING (true);
+
+ALTER TABLE "public"."target" ENABLE ROW LEVEL SECURITY;
+DROP POLICY IF EXISTS "target_authenticated" ON "public"."target";
+CREATE POLICY "target_authenticated" ON "public"."target" AS PERMISSIVE FOR ALL TO authenticated USING (true);
+
+REVOKE ALL PRIVILEGES ON TABLE "public"."flyway_schema_history" from anon;
+REVOKE ALL PRIVILEGES ON TABLE "public"."flyway_schema_history" from authenticated;
+REVOKE ALL PRIVILEGES ON TABLE "public"."flyway_schema_history" from service_role;
\ No newline at end of file
diff --git a/migrations/V30__add_target_history_table.sql b/migrations/V30__add_target_history_table.sql
new file mode 100644
index 0000000..8166955
--- /dev/null
+++ b/migrations/V30__add_target_history_table.sql
@@ -0,0 +1,91 @@
+DROP TABLE IF EXISTS "public"."target_history";
+
+CREATE TABLE target_history (
+    target_history_id int8 generated by default as identity,
+    action varchar(32) not null,
+    target_id int8 not null,
+    circle_id int8 not null,
+    kpi_id int8 not null,
+    target_value numeric,
+    created_at timestamp not null,
+    user_id uuid,
+    PRIMARY KEY (target_history_id),
+    CONSTRAINT fk_kpi FOREIGN KEY(kpi_id) REFERENCES kpi_definition(kpi_id),
+    CONSTRAINT fk_circle FOREIGN KEY(circle_id) REFERENCES circle(circle_id),
+    CONSTRAINT fk_user FOREIGN KEY(user_id) REFERENCES auth.user(id)
+);
+
+DROP TRIGGER IF EXISTS target_history_trigger on "public"."target";
+
+CREATE OR REPLACE FUNCTION target_history_trigger_func()
+RETURNS trigger AS $body$
+BEGIN
+    if (TG_OP = 'INSERT') then
+         INSERT INTO target_history (
+             action,
+             target_id ,
+             circle_id ,
+             kpi_id,
+             target_value,
+             created_at,
+             user_id
+         )
+         VALUES(
+             'INSERT',
+             NEW.target_id,
+             NEW.circle_id,
+             NEW.kpi_id,
+             NEW.target_value,
+             CURRENT_TIMESTAMP,
+             auth.uid()
+         );
+
+         RETURN NEW;
+    elsif (TG_OP = 'UPDATE') then
+         INSERT INTO target_history (
+               action,
+               target_id ,
+               circle_id ,
+               kpi_id,
+               target_value,
+               created_at,
+               user_id
+         )
+         VALUES(
+             'UPDATE',
+             NEW.target_id,
+             NEW.circle_id,
+             NEW.kpi_id,
+             NEW.target_value,
+             CURRENT_TIMESTAMP,
+             auth.uid()
+         );
+         RETURN NEW;
+   elsif (TG_OP = 'DELETE') then
+         INSERT INTO target_history (
+             action,
+             target_id ,
+             circle_id ,
+             kpi_id,
+             target_value,
+             created_at,
+             user_id
+         )
+         VALUES(
+             'DELETE',
+             OLD.target_id,
+             OLD.circle_id,
+             OLD.kpi_id,
+             null,
+             CURRENT_TIMESTAMP,
+             auth.uid()
+         );
+       RETURN OLD;
+   end if;
+END;
+$body$
+LANGUAGE plpgsql;
+
+CREATE TRIGGER target_history_trigger
+AFTER INSERT OR UPDATE OR DELETE ON target
+FOR EACH ROW EXECUTE FUNCTION target_history_trigger_func();
\ No newline at end of file