I think theft of backups or servers is the bigger risk (Peter Gabriel's web server was stolen from his ISP recently, who knows what was on it and lost), corruption is an access issue more at the permissions/network level. If they can access the network through a compromised workstation, that station may contain the keys which would nullify encryption. If it doesn't contain keys, then your user is entering at least token information to open sessions and then your sorely inconveniencing the users.

Prevent unauthorized workstation access, prevent unauthorized data modification.