The non-code answer is to 'do nothing'. You have in place a method to determine yes/no on encryption. By and large, this leaves two adverse cases. First, human error. Second malicious intent. Attempts to fight the second scale off the charts very quickly and in any event should be extremely rare. The first, far more likely should only require graceful recovery. At some point even coding comes down to a matter of trust…remember that trust does not preclude thoughtful paranoia! If you start your cost analysis from this POV, examine the effort in it's usual terms (time, manpower, etc.) and implement solutions accordingly. Not that my experience is yours, but unless there is a compelling reason to go much further than you have, things complicate quickly from here on out.

–hsm

"Never try to teach a pig to sing…it wastes your time and it annoys the pig."