I understand that PCI compliance needs an annual rotation of keys. It's for decrypting your data, followed by re-encrypting it with a new key. So we have around 16 databases that are across 3 servers and multiple tables. It's only going to get bigger. Could I write something for this? Or should I just use a 3rd party tool.