Another thought would be doing a cost-benefit analysis of taking the "risk" to be encrypted or not. Of course, the risk if you are not encrypted is that the data falls into the wrong hands. The risk, on the other side as was mentioned in the article, is losing the certificate. Which risk would cost the company more? Helping customers when your database is lost or replacing the lost data? Is doing a cost-benefit analysis reasonable or is the generally accepted approach to encrypt regardless of the risk? It also seems that the cost of the certificates should be included in that cost-benefit analysis. How about the cost of performance (or is this a non-issue)?