patio11 got this right: if your application is able to decrypt it, then nothing you can do will secure this data. Encryption is not the tool that you are looking for.
You can persist with encryption, but only if the user holds the key, ideally via 2-factor auth.
Instead of this, I'd go for a whitelist of access, audit logs, monitors, rate limiting and alerts.
If you hold all the encrypted data and the keys, you only need your application server to fail. My personal view is that worse than thinking you have security is not responding (or even noticing) when the inevitable happens.
Configure your systems to be as secure as possible without going down the obscurity path, and then tripwire everything and know what unusual patterns of activity look like and who did what.
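As an added illustration (not part of the comment above), here is a minimal sketch of the "audit log plus tripwire" idea: an access allowlist check and a per-principal sliding-window rate alert run over an audit log of reads. The log format, principal names, allowlist and thresholds are all constructed for the example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed policy: which service accounts may read which record class.
ALLOWLIST = {"billing-svc": {"card"}, "support-ui": {"profile"}}
WINDOW = timedelta(seconds=60)
MAX_READS = 3  # reads per principal per window before alerting

# Constructed audit log: "<ISO time> <principal> <action> <record class> <record id>"
SAMPLE_LOG = """\
2024-05-01T10:00:00 billing-svc read card 1001
2024-05-01T10:00:05 support-ui read profile 17
2024-05-01T10:00:10 support-ui read card 1001
2024-05-01T10:00:20 billing-svc read card 1002
2024-05-01T10:00:30 billing-svc read card 1003
2024-05-01T10:00:40 billing-svc read card 1004
2024-05-01T10:00:41 billing-svc read card 1005
2024-05-01T10:02:00 billing-svc read card 1006
2024-05-01T10:02:10 cron-report read card 1007
"""

def scan(log_text, allowlist=ALLOWLIST, window=WINDOW, max_reads=MAX_READS):
    """Return a list of (timestamp, principal, reason) alerts."""
    recent = defaultdict(deque)  # principal -> timestamps inside the window
    alerts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            alerts.append((None, None, "unparseable audit line"))
            continue
        ts_raw, who, action, kind, _rec_id = parts
        ts = datetime.fromisoformat(ts_raw)
        if action != "read":
            continue
        # Tripwire 1: access outside the allowlist (who did what).
        if kind not in allowlist.get(who, set()):
            alerts.append((ts_raw, who, f"not allowed to read {kind}"))
            continue
        # Tripwire 2: too many allowed reads inside the sliding window.
        q = recent[who]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) > max_reads:
            alerts.append((ts_raw, who, f"{len(q)} reads in {window.seconds}s"))
    return alerts

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

The rate tripwire fires even though every read in the burst is from an allowed principal, which is the case an allowlist alone does not catch.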