We employ several types of security for all of our data - my favorite being the ability to simply keep a machine off of the public network and run things on a closed internal system while the few machines without outside access are sandboxed.
The more outside access you have, the more points of vulnerability there are - security for any type of data should be comprehensive.
We do but we still don’t think it’s secure enough. The reason for this is because we have encryption that our vendor offers us, but we know that this encryption only applies for big data nodes and not original data sources. Our IT team has to contend with policy management to keep up with standards to deal with these issues.