Any thoughts on whether it's better to encrypt at the record level or at the entire data stream level? And, should that include metadata like the key?
The reason I ask is that my experience in other contexts is that the encryption is the easy part. The tough part is figuring out at what level to apply it so as to keep tools useful to admins and developers, and how to handle key management.
For instance, if you encrypt at the record level, things like protocol traces and backups can still be performed by untrusted individuals (though verification of backups is a bit harder).
I just wanted to mention that here for when the team gets to it.
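To make the trade-off concrete, here is an added example (not code from this thread or from any project it refers to) of record-level encryption where the key identifier is carried as cleartext metadata: backup and trace tooling can read which key protects each record without holding the key, while the header is bound into the AEAD as associated data so a re-labelled key ID fails authentication. The record layout, the `KeyRing` type (a stand-in for a KMS), and the key names are all constructed for this example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Constructed record layout for this example (not any project's wire format):
//   [1 byte version][2 bytes key-ID length][key ID][12-byte nonce][AES-GCM ciphertext+tag]
// Version and key ID stay in cleartext so backup, routing and trace tooling can
// see which key protects a record without holding it; the header is also the
// AEAD associated data, so relabelling a record to another key ID is detected.
const (
	recordVersion = 1
	nonceSize     = 12
	headerFixed   = 3 // version byte + 2-byte key-ID length
)

// KeyRing stands in for a KMS: key ID -> raw AES-256 key (hypothetical).
type KeyRing map[string][]byte

func aeadFor(keys KeyRing, keyID string) (cipher.AEAD, error) {
	key, ok := keys[keyID]
	if !ok {
		return nil, fmt.Errorf("unknown key id %q", keyID)
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func buildHeader(keyID string) []byte {
	h := make([]byte, headerFixed+len(keyID))
	h[0] = recordVersion
	binary.BigEndian.PutUint16(h[1:headerFixed], uint16(len(keyID)))
	copy(h[headerFixed:], keyID)
	return h
}

// ParseHeader reads the cleartext key ID with no key material at all; this is
// the only call an untrusted backup or trace tool needs.
func ParseHeader(rec []byte) (keyID string, body []byte, err error) {
	if len(rec) < headerFixed || rec[0] != recordVersion {
		return "", nil, errors.New("unsupported or truncated record header")
	}
	n := int(binary.BigEndian.Uint16(rec[1:headerFixed]))
	if len(rec) < headerFixed+n+nonceSize {
		return "", nil, errors.New("truncated record")
	}
	return string(rec[headerFixed : headerFixed+n]), rec[headerFixed+n:], nil
}

// EncryptRecord seals one record under the named key with a fresh nonce.
func EncryptRecord(keys KeyRing, keyID string, plaintext []byte) ([]byte, error) {
	aead, err := aeadFor(keys, keyID)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, nonceSize)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	header := buildHeader(keyID)
	out := make([]byte, 0, len(header)+nonceSize+len(plaintext)+aead.Overhead())
	out = append(append(out, header...), nonce...)
	return aead.Seal(out, nonce, plaintext, header), nil
}

// DecryptRecord looks the key up from the header, then authenticates the
// header together with the ciphertext.
func DecryptRecord(keys KeyRing, rec []byte) ([]byte, error) {
	keyID, body, err := ParseHeader(rec)
	if err != nil {
		return nil, err
	}
	aead, err := aeadFor(keys, keyID)
	if err != nil {
		return nil, err
	}
	header := rec[:len(rec)-len(body)]
	return aead.Open(nil, body[:nonceSize], body[nonceSize:], header)
}

// KeyUsageCounts is the kind of check an admin can run over a backup without
// decrypting it, e.g. to verify that a key rotation has completed.
func KeyUsageCounts(recs [][]byte) map[string]int {
	counts := make(map[string]int)
	for _, r := range recs {
		id, _, err := ParseHeader(r)
		if err != nil {
			id = "<malformed>"
		}
		counts[id]++
	}
	return counts
}

func main() {
	keys := KeyRing{ // constructed demo keys, never use fixed bytes in practice
		"key-2023": bytes.Repeat([]byte{0x11}, 32),
		"key-2024": bytes.Repeat([]byte{0x22}, 32),
	}
	old, _ := EncryptRecord(keys, "key-2023", []byte("order 1"))
	cur, _ := EncryptRecord(keys, "key-2024", []byte("order 2"))
	fmt.Println("key usage without decrypting:", KeyUsageCounts([][]byte{old, old, cur}))
	pt, err := DecryptRecord(keys, cur)
	fmt.Printf("decrypted: %q err=%v\n", pt, err)
	tampered := append([]byte(nil), old...)
	copy(tampered[headerFixed:], "key-2024") // relabel to another key ID
	_, err = DecryptRecord(keys, tampered)
	fmt.Println("relabelled key id rejected:", err != nil)
}
```

The design choice worth noting is that the key ID is metadata that is visible but authenticated: it is not secret (anyone holding a backup learns which key was used), but it cannot be changed without the AEAD tag failing, which is what lets key-rotation audits run on copies held by people who have no decryption rights. Verifying a backup's contents, as opposed to its key usage, still requires the keys, which matches the caveat in the post above.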