The best strategy to follow is not to have the data at all, and rather use tokenization services to access the data from a service. Your system only contains a token for the data and at runtime the system retrieves the data via an encrypted webservice call to the service provider.
If you use the SAP built in encryption, then it only supports selected fields (payment cards and credit card data) to encrypt the data in the DB / data browsers. But if user has access to the application or function which decrypts, then they can access the data in plain text. So you have more requirements to protect your application and basis authorizations and client copies.
I am not aware of anything for the US Social Security Number encrytion (either as supported service or encrypted field), however if you take a look on wikipedia you will see that the whole mechanism is about as secure as your birthday in the internet...
Cheers,
Julius