How can a developer implement encryption at rest for clickstream data in Amazon Kinesis Data Streams, considering data may not be consumed for up to 12 hours?