You absolutely have to protect the data, which means many things.

However I'm not sure you need to move it all into SQL Server databases. What you should do is help the person who uses it determine how to protect it and ensure it is useable. That might be making sure copies are on network shares through an automated process, or a copy to a db using OPENROWSET.

As you protect data, you can't also make it unavailable or interrupt business processes.