A European Union (EU) official must manage confidential documents that require end-to-end encryption and cloud storage, while at the same time ensuring the protection of personal data of EU citizens under the General Data Protection Regulation (GDPR). According to the fundamental principles of data protection in the EU and best cybersecurity practices, which critical measure should the official implement to ensure compliance with regulations and data security in the cloud?