A financial institution wants to reduce the risk of sensitive customer data exfiltration by employees. Which of the following would be the MOST effective measure to implement?
Enabling biometric authentication on all data systems.
Enforcing the use of strong encryption protocols for data at rest.
Segmenting the internal network based on departmental functions.
Disabling unused physical and logical service ports company-wide.
Implementing monitoring and blocking of suspicious data transfers.