Your company has decided to implement a new cloud-based Customer Relationship Management (CRM) system. As part of the compliance requirements, all backups of the CRM data must be encrypted. The Chief Information Security Officer (CISO) asks for a recommendation on the encryption approach, emphasizing the need for both strong encryption and efficient key management. Which encryption method should be recommended?
Whole disk encryption
Key Management Service (KMS) with encryption capabilities
Database field encryption using public key infrastructure
Manual symmetric key management with AES-256
|Threats, Vulnerabilities, and Mitigations
|Security Program Management and Oversight
|General Security Concepts