The Importance of Database Encryption
Database encryption protects database backups and stolen or discarded disks. In addition, it may be required for compliance.
The Limitations of Database Encryption
Database encryption does not prevent database administrators and malicious users who have compromised the DBA's password from having access to the unencrypted data, nor does it stop users from seeing data derived from the database such as ETL (extract, transform, load) files, spreadsheets, and reports using the unencrypted data. Finally, it doesn't mitigate data obtained via SQL injections into the applications server.
Key management can be very difficult if proper policies and procedures are not put in place.
Vidder's Database Encryption Recommendations
Vidder strongly recommends using Transparent Database Encryption with keys stored in an HSM or Key Manager for all sensitive data. Alternatively, use file encryption with the same key storage for a similar level of protection.