Most IT people are tinkerers, but building home-brew encryption or key management systems is just setting your organization up for disaster. Many organizations encrypt their data but leave backups of that data unencrypted. Gawker was so embarrassingly breached last December that the password information exposed was “protected” by encryption using decades-old encryption technology. Some older systems still use algorithms that are about as secure as a paper mache suit of armor. Backups should be encrypted in an encrypted format even if they have no value.”]
Source: https://www.darkreading.com/database-security/five-worst-practices-in-database-encryption