I think your procedures are sensible and are maintained for good reason.
But if someone is looking to bring harm, a way around your measures can be found.
In my case, they'd have to break into my home and know where both copies of my data are (one secured in a safe, another secured in a locked drawer.)
Then they'd have to know the password to unlock and unencrypt the files. Good luck with that. ;-)