I assume you're not hard coding the encryption key in your compiled .exe because you allow your users to create their own encryption key?
If so, why don't you encrypt the encryption key before saving it in the data? In this way the master encryption key is hard coded in the exe and is used to encrypt the user's encryption key. The decrypted user encryption key is then used to encrypt and store the cc numbers. Now, if somebody copies all the data they still can't get to the cc numbers yet all workstations have easy access to the "shared" encrypted encryption key.
Brandon Harker
Sebae Data Solutions