A company is using storage-as-a-service from an IaaS provider for application services. The company has a mandate to protect personal information being stored on the cloud. The service provided includes encryption for in-transit data and requires a security solution for data-at-rest.
Which of the following should be deployed to secure the personal information?
A. Implement data tokenization.
B. Implement hardware-based encryption.
C. Implement centralized key management.
D. Implement database-embedded encryption.