As a cybersecurity analyst in an EU delegation, you must design a protocol to protect sensitive data of third-country citizens that are processed in public cloud services of the European Union. The protocol must strictly align with the principles of the General Data Protection Regulation (GDPR) and the EU's security guidelines. Which of the following implementation measures is the MOST effective for ensuring data sovereignty and operational continuity in the face of a massive cyberattack that compromises the local infrastructure?