How would you design a secure architecture for a new internal tool that stores sensitive client data?