Strong encryption methods are the BEST control to protect customer personal information that is stored in the cloud, because they help to prevent unauthorized access, disclosure, modification, or deletion of the data by encrypting it at rest and in transit. Encryption is the process of transforming data into an unreadable format using a secret key or algorithm, so that only authorized parties can decrypt and access the data. Encryption can help to protect the confidentiality, integrity, and availability of the data, as well as to comply with legal and regulatory requirements.
References =
CISM Review Manual, 16th Edition, ISACA, 2020, p. 72: “Encryption is the process of transforming data into an unreadable format using a secret key or algorithm.”
CISM Review Manual, 16th Edition, ISACA, 2020, p. 73: “Encryption can help to protect the confidentiality, integrity, and availability of data, as well as to comply with legal and regulatory requirements for data protection.”
Saas Data Security: Protecting Your Customers’ Information In The Cloud - Fresent’s Blog: “Encryption and Data Protection: One of the most effective ways to protect sensitive data in the cloud is to encrypt it both at rest and in transit. Encryption is the process of transforming data into an unreadable format using a secret key or algorithm, so that only authorized parties can decrypt and access the data.”
