A Union agent responsible for coordinating diplomatic missions abroad must design a digital security protocol for a team that uses cloud-based communication tools and mobile devices. The protocol must ensure the protection of sensitive EU data and operational continuity in the face of cyber threats, aligning with the EU's cybersecurity framework and data protection principles. Based on the fundamental principles of cybersecurity and EU legislation (such as the GDPR and NIS2 Directive), which of the following measures is the MOST effective to mitigate the risk of unauthorized access to confidential data stored in the cloud without compromising the team's operational functionality?