I have a different problem than PII... my product will contain detailed configuration information about the customer's entire system. That makes it security-sensitive. Data will be encrypted at all times, but there's a psychological problem of having configuration information in a SaaS system at all.
