An international financial organization has data centers in multiple countries and must comply with the European Union's data protection regulations that prohibit certain types of personal data from being transferred outside the EU. Which of the following architectural considerations is most effective in aligning the organization's data storage and transfer practices with these regulations?
Establishing a policy that requires manual approval for data transfers
Applying strong encryption to data before transferring it between data centers
Deploying a data loss prevention (DLP) solution to monitor data transfer
Introducing a secure web gateway to filter outbound data traffic
Implementing geofencing within the data management policies
Using redundant data storage across international locations for high availability
Implementing geofencing within the data management policies is the most effective way to ensure that data does not leave the European Union, as it provides controls that can enforce the physical boundaries set by the regulations. Geofencing uses GPS or RFID-enabled software to trigger a pre-programmed action when a mobile device enters or exits a virtual boundary set up around a geographical location, in this case, the EU. Other options like redundant data storage or encryption do not inherently restrict the transfer of data across geographical lines. Data loss prevention focuses on monitoring and protecting data in use, in motion, and at rest, but does not pertain specifically to geographical restrictions.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is geofencing and how does it work?
Open an interactive chat with Bash
What are the European Union's data protection regulations?
Open an interactive chat with Bash
How does encryption play a role in data protection compliance?