Generally speaking you need to find out where your sensitive information is and then determine the best fit solution(s) for encrypting it when it’s at risk. Here are some <a href=”http://securityonwheels.blogspot.com/search/label/encryption”>thoughts I have on encryption</a> and some <a href=”http://searchwindowsserver.techtarget.com/tip/0,289483,sid68_gci1237913_mem1,00.html”>questions to ask your security vendors</a>. The important thing to keep in mind is that encryption does not automatically equal security…it’s also the people, the processes, and the other compensating controls you have around it. Compliance doesn’t equal security either. Here are some recent thoughts I had on <a href=”http://searchcompliance.techtarget.com/tip/0,289483,sid195_gci1360925,00.html”>why compliance as we know it and do it today is a joke</a>.
I hope this helps!