This section outlines how encryption of data can be done with lightblue. While this is not a part of lightblue itself, it is included here for reference.
In Transit - lightblue
Many containers today provide support for terminating SSL connections. For example, we utilize JBoss EAP and have it configured to do this.
In Transit - Mongo DB
The community version of Mongo DB starting with version 2.6 is built to include SSL capabilities. MongoDB uses the MONGODB-CR challenge-response mechanism to authenticate the lightblue application user with a user name and password. Note that use of Hiera allows the password for the lightblue application user to be encrypted.
Your individual deployment environment will dictate what is possible around disk and/or host encryption. This section exists just to state that it is possible and something to evaluate based on the classification of data your deployment of lightblue will be storing.