Certified Information Privacy Technologist (CIPT) — Question 88

An organization must terminate their cloud vendor agreement immediately What is the most secure way to delete the encrypted data stored in the cloud?

Answer options

• A. Transfer the data to another location
• B. Invoke the appropriate deletion clause in the cloud terms and conditions.
• C. Obtain a destruction certificate from the cloud vendor
• D. Destroy all encryption keys associated with the data

Correct answer: D

Explanation

The correct answer is D because destroying all encryption keys ensures that the data cannot be accessed or decrypted, making it irrecoverable. While transferring data or invoking a deletion clause may help, they do not guarantee the complete and secure removal of the data. Obtaining a destruction certificate is a confirmation of destruction but doesn't itself ensure that the data is irretrievable.