Cryptography is a tool for turning a whole swathe of problems into key management problems. Key management problems are way harder than (virtually all) cryptographers think.
@leak yup. We don't recommend clients to use encryption at work specifically because our clients are small businesses, and they lose keys. Simple as. People in interesting industries already know the stakes and do it.
@Aranjedeath There are certain kinds of encryption your clients *definitely* should be using.
... But having been in "interesting" (meaning high-target) industries, key management is definitely something we have to address carefully
@leak Yup, but TLS is not a way you can permanently lose your business. When the database is encrypted at rest and the client loses the password? They no longer have a business. We have to do a lot of education around this to make sure a minimum risk of that happening.