I couldn’t have said it better myself so I won’t. Richard Bejtlich wrote “If a file is only readable once it has been decrypted in front of a user, that is where the intruder will attack once his other options have been exhausted. This means that the only way to completely “protect data” is to make it unusable.” The job of your Information Security team is to make it more expensive to get your data than what your data is worth.