An EU official must prepare a confidential report on a foreign policy mission involving personal data of third-country citizens. According to the GDPR principles and EU guidelines on data security, what is the most appropriate measure to ensure the protection of this data if it must be stored on a public cloud service from a third-party provider?