Abstract: Regulatory compliance requirements for protecting sensitive data and valuable digital information assets have led many companies to consider encryption. While encryption algorithms are well standardized, the myriad of solutions designed to secure information leave many security architects unsure which approach is best for their environment. This document provides an introduction to planning for data encryption by offering six fundamental rules that should be considered prior to deployment.