It’s been said that, if you defend everything you are in fact defending nothing. In a world where computer networks are routinely bent and broken it rings true. So it comes down to what are you going to protect and once you’ve chosen to protect something are you going to do it through encryption or restriction of access?
Well, the answer is pretty straight forward: encryption. You can store invaluable information in the most open setting if it is encrypted properly. In the spirit of limiting overhead of encryption/decryption only encrypt while it is in storage and allow only the accessing clients to decrypt and encrypt. The implementation of encryption in your software can be somewhat complicated but, this complication is what makes it the perfect solution! If you buy an off the shelf product, for example THE currently most popular encryption software what are you getting? The biggest target. Implement unique encryption. Even simple encryption if uniquely applied is going to put a larger hurdle up than the most common solution placed in the most routine way. Not only is your data hidden but the simple fact that your info is multiplexed adds an incredibly amount of complexity. Complexity that can not be computationally broken but rather requiring the ‘by hand work’ that so few are capable of doing.