As a security architect, your company is expanding into new markets and is now subject to different regional regulations regarding data sovereignty. You need to ensure that customer data remains within legal borders according to these regulations. Which of the following methods would be the MOST effective to comply with these data sovereignty requirements?