The human resources division is moving all of its applications to an IaaS cloud. The Chief Information Officer (CIO) has asked the security architect to design the environment securely to prevent the IaaS provider from accessing its data at rest and data-in-transit within the infrastructure. Which of the following security controls should the security architect recommend?
A. Implement a non-data breach agreement
B. Ensure all backups are remote outside the control of the IaaS provider
C. Ensure all of the IaaS provider’s workforce passes stringent background checks
D. Render data unreadable through the use of appropriate tools and techniques