I’m designing my first multi-tenant, shared db/schema database. Security is of primary importance. With that said, how common is it for SaaS companies to encrypt data fields and which ones are typically encrypted? At a minimum, I’m inclined to encrypt all tenant (customer) identifying information (name, address, etc.) and all user identifying information (names, emails). Does this seem adequate?
Further, how much will encrypting data slow down my queries? And, which methods are typically employed to encrypt data? I’m thinking about using MySQL.