How do you manage encryption at rest and in transit, including key management, across various storage solutions?