The security of online data is a curious problem. One must first consider the type of data being stored, the potential places the data can legally reside and then all the potential exfiltration points the data can egress legally, potentially record or bulk illegally. Security solutions themselves are tuned to each of these use cases but the problem really starts with two fundamental questions: what is the risk (or criticality) for the data and if it is stolen, regardless of its location or in transit, what would happen? Highly encrypted data alone is secure if the decryption key and algorithms are not available, regardless of its location. Yes, the threat actor has the data but in its current state, it is useless. Any potential security solution selected to protect online data should be able to satisfy a variety of use cases and maintain integrity. The aim is not to expose readable data and if it is exposed, the contents are nearly useless and are a low risk.