A company has recently discovered that an unauthorized party accessed their cloud storage service. Upon investigation, it is found that several files contain a backdoor that was used for data exfiltration. In addition to changing passwords and reissuing keys, which of the following is the MOST important immediate action the cloud administrator should take to prevent further data loss?
Revoking unnecessary credentials
Disabling non-critical cloud services to limit the attack surface
Commencing a detailed analysis of access and activity logs
Isolating the affected systems