1
Cloud Data Security
medium
An organization uses a cloud database service and needs to protect data at rest. They enable Transparent Data Encryption (TDE) with a customer-managed key stored in the cloud provider's key management service. Which additional control should they implement to ensure the key cannot be used by unauthorized personnel?