A company has implemented containerized in-house quality control applications and currently operates Jenkins on Amazon EC2 instances that necessitate regular patching and upgrading. The compliance officer has mandated that a DevOps engineer must initiate encryption for build artifacts, which include sensitive company intellectual property. What is the most maintainable approach for the DevOps engineer to achieve this encryption of build artifacts?