Echelon can be guarded against with in-transit crypto.
Physical access to systems is far more problematic. Even if the data is nominally encrypted on-disk, the key must be in RAM to make use of the data, rendering it vulnerable at the time of seizure. (You can partially mitigate the risk, but you can't make it 100%, and it's very likely you'll have issues with cost, performance, and user-friendliness along the way.)
Physical access to systems is far more problematic. Even if the data is nominally encrypted on-disk, the key must be in RAM to make use of the data, rendering it vulnerable at the time of seizure. (You can partially mitigate the risk, but you can't make it 100%, and it's very likely you'll have issues with cost, performance, and user-friendliness along the way.)