Logging on with KV: "I am amazed at the number of people who go to great lengths to encrypt data but then just chuck it all, unceremoniously, in plain form, into the logs."
1. Know what data need to be blinded, what need to be encrypted, what can just be left open.
2. Make sure the log itself isn't tampered, including signing both the entries and the log itself.