It is difficult to detect advanced attacks on data and data misuse by monitoring only one system layer. It is likewise difficult to attain acceptable performance in using external policy driven encryption systems.
One difficulty arises because large amounts of encrypted data are exposed when providing an efficient search on encrypted data. In addition, large amounts of sensitive data are exposed when using effective performance optimization to offload cryptographic operations. This results in exposure of data in memory or disk, outside of the control of the security/encryption system.