But I consider the idea of allowing your passwords to flow over the wire in plaintext and allowing other information to flow in plaintext to be quite ridiculous.
The author suggests a false dichotomy: 2048-bit encryption (which algorithm? he doesn't say) or none.
There are a lot of complexities here that can be tuned for your business and its requirements. At least, if you can hire a competent security guy.
Completely agree. Which is why I say at the end of my original comment that security is "always a compromise." Put another way, you weigh the day-to-day cost of more hardware and man-hours against the potential future cost of a serious security exposure.
Unfortunately, most people are bad at calculating potential future costs. Which leads us to your second point about needing a good security guy. =]